Payment Card Industry (PCI) Compliance FAQs

Learn about how to handle Payment Card Industry (PCI) compliance with Finix.

PCI compliance refers to the technical and operational standards businesses follow to secure and protect credit card data provided by cardholders and transmitted through card processing transactions. PCI standards for compliance are developed and managed by the PCI Security Standards Council.

How does Finix handle PCI compliance?

Finix is PCI DSS Level 1 the highest level of compliance and payment security standards merchants can comply with to securely store, transmit, and process credit card information.

What does this mean for merchants?

Finix being level 1 compliant means that merchants can attest to Pre-Filled PCI SAQ forms that Finix is the technological layer tokenizing the cards. Meaning merchants can stay out of having to undergo PCI Audits.

How does attestation to the PCI forms work?

Finix uses the merchant's information that was provided at onboarding to prefill these PCI SAQ forms. This makes the attestation a simple process where the merchant does not need to fill these forms out, merely attest or ‘sign’ the form.

All merchants must complete forms within 90 days of onboarding or face a $35.00 per month fine.

How can these forms be completed?

Finix offers merchants two ways to complete PCI compliance forms:

Platforms/Marketplaces can either:

  • Invite merchants to their sub-merchant dashboards.
    • They can do so by opening the merchant's Identity in the Finix Dashboard - then under Team click Add Team Member.
    • Once the merchant has accepted the invite they can click Company on the sidebar > Compliance > Attest.
  • Use the Finix API to build out the PCI experience within their own platform. For more details, see Managing PCI Compliance.

Individual Businesses can click Company on the sidebar > Compliance > Attest.

Are there any notification settings within the dashboard to set up reminders for PCI forms for my merchants?

Finix does not have custom notifications for PCI settings available to set up in the dashboard at this time. For any other questions on PCI Forms email support@finix.com