PCI FAQs
Why am I being charged a PCI fee?
The Annual PCI Service Fee is assessed by NCR Payment Solutions to mitigate the costs associated with becoming and maintaining compliance, updating terminal software, and replacing non-compliant hardware. NCR Payment Solutions has arranged for you to work with Aperia, one of the leading PCI security accessors, to become PCI compliant. PCI compliance is a requirement of all merchants who accept credit cards as payments. If you need help in accessing the Aperia merchant portal, please email assist.payments@ncr.com.
Can a full credit card number be printed on the consumer's copy of the receipt?
PCI DSS requirement 3.3 states "Mask PAN when displayed (the first six and last four digits are the maximum number of digits to be displayed)." Please note that PCI DSS does not override any other laws that legislate what can be printed on receipts (such as the U.S. Fair and Accurate Credit Transactions Act (FACTA) or any other applicable laws). Some states have passed legislation where there is a significant fine per instance of PAN information printed on credit card receipts. It is highly recommended to not print card numbers or personal information on receipts.
Does PCI compliance apply to us?
If you accept credit or debit cards as a form of payment, then PCI compliance applies to you. The storage of card data is risky, so if you don't store card data, then becoming secure and compliant may be easier.
From a PCI standpoint, what is defined as 'cardholder data'?
The PCI Security Standards Council (SSC) defines cardholder data as the full Primary Account Number (PAN) or the full PAN along with any of the following elements:
- Cardholder name
- Expiration date
- Service code
Sensitive Authentication Data, which must also be protected and may be prohibited from storing, includes full magnetic stripe data, CAV2, CVC2, CVV2, CID, PINs, PIN blocks and more
What is PCI?
The Payment Card Industry Data Security Standard (PCI DSS) is a set of requirements designed to ensure that companies that process, store, or transmit credit card information maintain a secure environment. NCR Payment Solutions partners with Aperia to help our merchants obtain and maintain PCI Compliance.
For more information, please email assist.payments@ncr.com.
Read more PCI related information from MasterCard and Aperia.
Why do I need to be PCI compliant?
PCI compliance is required for anyone that accepts, stores, or transmits payment card information. The PCI mandate is part of the Card Brand operating regulations under which businesses or individuals are allowed to operate merchant accounts and accept cards for payment. The terms and conditions you sign when you open an account with us state that Card Brand operating regulations must be adhered to.
For more information visit: