This action might not be possible to undo. Are you sure you want to continue?
We thank you for choosing Optimal Payments to process your credit card transactions. Data security has become a primary consideration for every type of business that accepts credit cards and debit cards for the payment of goods or services. The five major card schemes, including Visa and MasterCard, have established the Payment Card Industry Security Standards Council (PCI SSC) to oversee the Payment Card Industry Data Security Standard (PCI DSS) and to promote data security throughout the payment card industry. All industry participants who transmit, process, and/or store cardholder data are now required to comply with PCI DSS, and all payment applications must be validated and certified on a regular basis as defined by the standard. Validation Process There are two main components of validation: 1. 2. Completing the PCI Self-Assessment Questionnaire (SAQ) as defined by the standard Potentially, undergoing network Vulnerability Scans performed by an Approved Scanning Vendor (ASV) quarterly
For more information about PCI DSS please visit our website at https://pcidss.optimalpayments.com. By complying with PCI DSS you will benefit from: • • • Better protection for your customers’ personal data Increased customer confidence through improved data security Protection against financial losses and fines
Avoid Heavy Fines Fines have been introduced by Visa and MasterCard for businesses that are compromised and are found to not be compliant with PCI DSS. Fines can be considerable, so to protect your business, it is vital that you become PCI DSS compliant and that you maintain compliance in the future.
Validation Service To help your business meet its PCI DSS compliance requirements and to facilitate the validation process, Optimal Payments has teamed up with Security Metrics, a PCI DSS–accredited Qualified Security Assessor (QSA) and ASV. We are pleased to be able to offer you a low-cost price of $204 per year (per external-facing IP) for complete PCI DSS validation services. Merchants who do not require vulnerability scan services will be billed only $35 per year. We would be happy to assist you in determining which category you fall into. You will be invoiced in the month you request access to the validation services and then annually thereafter unless you cancel the service. The fees cover your validation activities through the SecurityMetrics portal as well as your official compliance certificate, once achieved. Compliance Requirements You will have a grace period of 90 days to complete both the SAQ and, if required for your business, a scan of all external-facing IP addresses. If you do not become compliant by this date, you will be charged a non-compliance fee of $25 per month effective 90 days from your account activation. This fee is in addition to other fees payable under your Merchant Services Agreement with Optimal Payments and will be charged monthly until you successfully complete the validation process. If you are already compliant, or you have become compliant with the assistance of a qualified provider, you will need to submit your compliance certificate to avoid being charged the non-compliance fee in subsequent months. This documentation may be emailed to PCICompliance@optimalpayments.com. To initiate your PCI DSS compliance validation process, please visit https://www.securitymetrics.com/validation_type.adp and select Optimal Payments as your Acquiring Bank or Merchant Processor. Alternatively, you can contact our Customer Service team at 888-709-8753 or at email@example.com and they will help you register. We welcome any questions or concerns you may have regarding PCI compliance. We appreciate your selection of Optimal Payments as your payment service provider, and your commitment to securing your customers’ cardholder data. Yours faithfully, Optimal Payments www.optimalpayments.com © 2010 OP Payments Inc. All Rights Reserved.