Q: CLS_Birmingham: For those of you taking credit cards, what are you doing to be PCI compliant? I’m in the process of setting everything up to take credit cards via SAP’s client portal and I need to make sure we’re fully protected.

Legally, what do I need to do to take credit cards?

A: vanncann: You will have to take a little test from what I remember. It’s pretty simple, you just keep all numbers locked in a safe and it’s that easy. I finally got away from the processors and got the Square card reader for my phone and it works great. That’s something to think about. It’s a lot cheaper and no minimum monthly charges required.

CLS_Birmingham: What do I need to do if I want to do reoccurring payments through client portal though? Since I know those are going to be stored electronically. Or am I better off not allowing it for security purposes? And what type of insurance do I need to get?

I thought about the Square, the only issue is the majority of clients using credit card payments are monthly maintenance clients that I wouldn’t be able to meet with to swipe the card.

kandalawncaremgr: With Square you can type them in manually. I used it all last year. Works great. You can send receipt by text or email. Also, it records your cash intake if you want to choose to track cash.

grandview (2006): I can’t think of the name it’s called for the credit card insurance, but it protects you if the cards numbers are stolen somehow. If your numbers are stolen then you will need to provide credit card reports to these customers for so long. Check with your agent and then double-check with the credit card company.

Puttinggreens: I could be wrong, but I’m pretty sure once you set a client up, what you actually see in SAP is just the last four digits, not the whole number.

It is there for you to make reoccurring charges, but you, or someone else, can’t see the whole number and copy it to steal.

Chat with SAP, they will fill you in quickly.

bohiaa: You don’t need insurance, your merchant account will handle this.

But, like earlier posters stated, there are many POS options these days. The phone processors are a definite plus. It’s much safer than a merchant account. The liability doesn’t fall on you.

Yes, you have to take a little test. Mainly it’s BS. But there is some good info there. If they didn’t give you the test then you wouldn’t read it. This pretty much releases you of any liabilities of credit card abuse.

I believe it’s called reasonable care, as long as you don’t go screaming someone’s credit card number and its expiration date, you’re covered.

grandview (2006): If you’re keeping credit card numbers on file you better have omissions insurance. This covers loss and all the credit card reports you will have to pay for, among other things.