Your browser does not have JavaScript Enabled. Javascript is required for this site to run properly.

QuickBooks and Payment Card Industry Data Security Standards (PCI DSS)

All merchants who accept credit cards or store payment card or other sensitive data must secure and protect this information and their customers. This article explains how QuickBooks meets the PA-DSS (Payment Application Data Security Standards), and in some cases what actions you may need to take to be compliant. Standards increase in rigor year after year, so newer versions of QuickBooks provide more built-in protections than older versions.

More details

QuickBooks 2013

In 2011, merchants were required to enable "complex passwords" in order to continue to process credit card payments in QuickBooks. A complex password is simply one that has at least 7 characters and includes at least 1 number and 1 uppercase letter. Complex passwords must also be changed every 90 days.
We help to ensure you’re compliant through the functionality of QuickBooks software. More types of data are now encrypted in QuickBooks 2013 to accommodate PCI compliance, this includes all types of sensitive data like customer names, billing information, credit card numbers, etc. This done in order to prevent vulnerabilities for everyone using QuickBooks.

You cannot disable Customer Credit Card Protection to use a less complex password. We also encourage you to use strong passwords anyway, as an added safeguard for your own business and your customers.

QuickBooks 2012 and earlier

QuickBooks 2011 users have protection starting with Release 1.
QuickBooks 2010 users must update to Release 7 or later.
QuickBooks 2009 users must update to Release 12.
QuickBooks 2008 users must manually enable Credit Card Protection.

If you are certain that you don't need to be PA-DSS compliant, you can disable Customer Credit Card Protection to use a less complex password. We encourage you to use strong passwords anyway, as an added safeguard for your own business and your customers.

How to turn it on

Actions you can take to comply with these new security standards:

Update to the current release:
Important: If you use QuickBooks 2011 (or later ) or Enterprise Solutions 11.0(or later), you do not require an update. Proceed to Step 2.
1. In the top menu bar of QuickBooks, choose Help > Update QuickBooks.
2. Click the Update Now button.
3. On the Update Now tab, be sure each item has a checkmark next to it.
4. Click the Get Updates button. The download may take a few minutes.
5. When the process is complete, close QuickBooks.
6. Reopen QuickBooks to start installing the updates you just downloaded. This may take a few more minutes.
Enable Credit Card Protection:
Note: Only administrators can perform these steps.
1. Open QuickBooks.
2. Choose Company > Customer Credit Card Protection.
3. In the Customer Credit Card Protection window, click the Enable Protection button.
4. Enter a complex password and challenge question. Click OK.
  Note: A complex password requires at least 7 characters, including one number and one uppercase letter.

If you are certain that you don't need to be PA-DSS compliant, you can disable Customer Credit Card Protection to use a less complex password.

Get more information

Important: You may need to take actions outside of QuickBooks to ensure you are compliant.

You can also contact a technical support agent for additional guidance. Fees may apply.

KB ID# INF12850

5/24/2013 7:23:21 AM

QYPPRDQBKSWS01 9090 Pro 2012 b97a78