Additional tasks required for Customer Credit Card Protection Compliance

QuickBooks users who store, process, or transmit customer credit card data in QuickBooks are required to protect that data by complying with the Payment Card Industry Data Security Standard (PCI DSS).

There are 12 requirements in the PCI DSS; some apply to QuickBooks and some do not. The QuickBooks tasks that meet requirements are listed below; the relevant PCI requirements are shown in parentheses before each task.

The associated tasks do not necessarily satisfy the entire requirement. Refer to the PCI DSS for detailed information about complying with each requirement.

Do this in QuickBooks

  • (PCI DSS #2, 3, 4, 8) Enable Customer Credit Card Protection.

    Determine if this protection is already enabled
    Go to the Company menu and click Customer Credit Card Protection. (If you don't see this menu option, QuickBooks automatically stores credit card information for you and you don't have to enable protection yourself.) The button in the window that opens will either show Enable Protection (which means the protection is NOT enabled) or Disable Protection (which means the protection IS enabled).
  • (PCI DSS #9) Use only the Credit Card No. field on the Payment Info tab of a customer record to store your customer credit card data.

  • (PCI DSS #3) Do not store sensitive authentication data such as card-validation codes (the 3-digit number near the signature panel), personal identification numbers (PINs), or magnetic stripe data.

  • (PCI DSS #7) Limit access to credit card data by assigning or removing permission for users to view full customer credit card numbers.

  • (PCI DSS #7, 8) Set complex passwords and change them every 90 days for all users with access to credit card data.

  • (PCI DSS #6) Keep QuickBooks updated by turning on automatic updates.

Note: Intuit does not provide support for tasks completed outside of QuickBooks.

Refer to the Implementation Guide for details about PCI DSS requirements 1, 4, 5, 6, 8, 9, 10, 11, and 12.

10/20/2016 2:26:02 PM