- Subscribe to RSS Feed
- Mark Thread as New
- Mark Thread as Read
- Float this Thread for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
We have another merchant relationship that primarily handles the bulk of our transactions (ecommerce, retail, etc.) and they require us to use Security Metrics to complete the PCI Self Eval each year. Whenever we discuss our operating environment (online software, hardware devices, etc) we also mention that we use Square on a limited basis for mobile or "pop-up" events. We recently had a consultant come through to ensure we were stating our environment correctly and they are deadset against Square. They say that the product puts our whole network into PCI scope since it is not P2PE. Also the only way we could possibly use it is to have a locked down cellular device that only accesses the Square app. Could you please help me in understanding their concerns and how Square reduces our PCI scope environment? Thanks in advance for any assistance.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report
Here are some links for you to read up on for Square's PCI compliance standards. In short it meets or exceeds PCI DSS.
https://squareup.com/guides/pci-compliance
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report