I called QBO after starting the signup process and was told it was a scam, but now I'm not sure and want to continue if this is something I should be doing.
Best answer December 30, 2022Thanks for reaching out to the Community, Renae T.
SecurityMetrics is an official partner of Intuit. They provide streamlined PCI DSS compliance services for QuickBooks Payments accounts.
I've also included a detailed resource about working with PCI compliance which may come in handy moving forward: Intuit Security Center - PCI Compliance
I'll be here to help if there's any additional questions. Have an awesome Friday!
72 Comments 72 December 30, 2022 09:49 AMSecurity Metrics, as well as PCI Compliance are actually legit.
If you're not PCI compliant, you could get fined.
Not sure who QB uses for PCI compliance, either. Security Metrics is a company out of Orem Utah. You can look them up, and call them, if you're still not sure and maybe don't receive a better answer, here.
December 30, 2022 10:33 AMThanks for reaching out to the Community, Renae T.
SecurityMetrics is an official partner of Intuit. They provide streamlined PCI DSS compliance services for QuickBooks Payments accounts.
I've also included a detailed resource about working with PCI compliance which may come in handy moving forward: Intuit Security Center - PCI Compliance
I'll be here to help if there's any additional questions. Have an awesome Friday!
March 05, 2023 08:59 AMIs it true you can be fined for not being compliant?
QuickBooks Team March 05, 2023 10:59 AMAs much as I wanted to help you, however, this falls outside the scope of what we're able to support with on the Community. To ensure you'll be able to get the correct information, I'd suggest contacting PCI directly. You may go to this link to reach them: https://www.pcisecuritystandards.org/contact_us/.
For further QuickBooks related concern, feel free to utilize this page: View all help.
You can go back here if you have more questions. I'm right here together with the Community people to help you out. Stay safe!
April 04, 2023 12:37 PMWe never see a credit card number. All of our payments are done through the QB portal after we send an invoice to the customer. I don't understand why we have to jump through the hoops of paying a PCI compliance company (after we have already paid QuickBooks) for PCI compliance. None of it is applicable to us because we are not processing the credit card, QuickBooks is. It sounds like a scam to me.
April 04, 2023 01:02 PM@TK67 PCI compliance, itself, isn't a scam. The scam is the way QB is making all of its customers that aren't even accepting payments, or have payments going through ONLY QB, are having to pay for compliance. QB is the one that needs to be compliant, not you. Yes, the payment is for your company, BUT, QB is the one taking and accepting the payments. It makes NO sense.
April 05, 2023 06:34 AMThanks for the reply! I went thru all of the compliance stuff after my original post, but I was skeptical since we hadn't had to do that with QB before. We rarely take credit card payments, but I did find a company to use that charges the customer the processing fee, and I haven't used it more than a few times in 2023 and it's been a month probably since the last time. I just received a bunch of emails from Security Metrics yesterday. I'll be annoyed if I have to do all that compliance stuff already.
April 21, 2023 07:47 AMPCI is not a law, but an industry standard that payment processing companies (Visa, Mastercard, etc) have agreed to. Payment processors like Intuit have subsequently added it to their Terms of Service as a requirement. There are many Quickbooks users who do not do any form of e-commerce, point of sale transactions, or any handling of card/account data. If that is your situation, I would recommend that you contact Intuit to request an exemption as this requirement places an unnecessary and ineffective burden on small businesses.
Note: I'm not a lawyer and this is not official legal advice!
April 21, 2023 03:08 PMI wish I didn't take credit cards. We occasionally have out of town customers who we don't know, so it needs to be an option.
June 15, 2023 01:07 PMI got the email and they said Intuit requires my company to be PCI compliant which I believe is not true. Intuit needs to have a chat with Security Metrics and tell them to stop misleading customers. I personally think it is junk email scaring people to buy their product. We take payments through Intuit, but never handle any customer credit card information. So I wager it is complete JUNK EMAIL. but this is just my opinion.
June 15, 2023 02:31 PMlooks like PCI wants $399 per year for small business compliance - WOW. Maybe they give a discount for Intuit users I don't know, I don't have time to inquire or put up with another sales pitch, but If I have to pay an additional $400 per year to use QB online, we may stop credit card payments altogether. this is pretty bad. We used to use quickbooks desktop and they did not require this ,so I am really confused and disappointed.
June 15, 2023 02:32 PMHow much would it cost?
June 15, 2023 07:24 PMI have received the email regarding the PCI compliance and from my understanding it is to ensure there is no fraud between my tenants bank and our own. If my tenants choose to pay their bills using the quickbooks links they enter in all their banking information on their own from their own devices without having to reach out to a third party. Our company is very small and can not afford to pay for services that are unnecessary, we do not wish to purchase a package and don't see the relevance of it for our company when we do not use any other forms of accepting credit or debit payments other than your site specifically. If we choose not to pay for their services will this disrupt our business with quickbooks?
QuickBooks Team June 15, 2023 09:36 PMWelcome to the QuickBooks Community, reesedalemutualwater .
Yes, you are correct that PCI compliance is required to ensure that there is no fraud between your tenant's bank and your end. I'll share additional details on how vital it is in processing payments with QuickBooks. Let me also route you to our support to assist you further.
The PCI Security Standards Council created the PCI DSS Standard to sufficiently protect customer payment card data from suspicious actions. As a merchant, you’re responsible for protecting payment card information.
Choosing not to use the PCI service will have no disruptions to your business with QuickBooks. However, any company that handles cardholder data, whether to process, store, or transmit, must meet PCI compliance requirements to ensure that payments are safe and secure.
I still suggest contacting our QuickBooks Payment Support Team . They can provide further details about the PCI compliance service and how it works. They'll also check your subscription for any add-on PCI Service fee.
Lastly, I'm adding this article to see what are the 12 requirements that cover the PCI standard: Learn about QuickBooks PCI Service .
If you have more questions about PCI Compliance, you can add a comment below. I'll be willing to lend a hand, reesedalemutualwater . Have a good day!