For merchants not processing credit cards using ShopKeep Payments or Payment Revolution, contact your merchant processor for assistance.

PCI Self-Assessment and Vulnerability Scan

The Payment Card Industry (PCI) requires all merchants to meet certain data security standards when running credit card sales to avoid penalty. ShopKeep Payments and Payment Revolution merchants can follow the steps below to learn how to complete a PCI self-assessment and vulnerability scan to ensure that each location is compliant.

For support, contact Trustwave support any time at 877-201-3617 or via email at support@pcirapidcomply2.com.

Table of Contents

Registration

All ShopKeep Payments and Payment Revolution account holders will receive an email notification regarding the PCI compliance updates which will be used to complete registration.

  1. Open the pre-registration email from ShopKeep Payments.

    The pre-registration email is sent from donotreply@pcirapidcomply2.com with the subject line REMINDER: Important Updates to PCI Compliance at ShopKeep Payments.

  2. Click 'Complete Registration' or visit www.pcirapidcomply.com and click the ‘Register today’ button.
    Click to Enlarge
  3. Enter your account details. Click 'Continue'.
    Click to Enlarge
  4. Select the option that best describes how credit cards are accepted at your business. Click 'Next'.

    For this example we will use ‘In Person’.

    Click to Enlarge
  5. Select how credit cards are processed.

    For this example we will use ‘Internet’.

    Click to Enlarge
  6. Select the Point-of-Sale (POS) device used at your business. Click 'Continue'.

    For this example we will use ‘POS Terminal’.

    Click to Enlarge
  7. Create your user account, complete the security questions, and accept the terms. Click 'Register' to complete the registration.
    Click to Enlarge
  8. After registration, you will be automatically taken to the PCI Home page. Follow the steps below to run the PCI Self Assessment.

PCI Self-Assessment Questionnaire

IMPORTANT: Please note the below requirements.

  • You must complete a questionnaire for each location.
  • Portions of the questionnaire must be completed at the business location on the business network.
  • The PCI Data Security Standard Self Assessment Questionnaire is a validation tool to confirm that your business locations are compliant with data security standards. Complete a questionnaire for each location.

    1. Click ‘Start’ to begin the PCI Self-Assessment.
      Click to Enlarge
    2. Select the options that best describe how credit cards are run at your business. Click 'Continue'.
    3. Click 'Next' to continue to the Merchant Profile page.
    4. Enter the store's general information.

      If this information has auto-populated, confirm it is correct.

    5. In the Service Providers section, choose 'Yes' to confirm that you are registered with a gateway.
      Click to Enlarge
    6. In the Multiple Acquirers section, select 'No' to confirm that there is one acquirer. Click 'Next'.
      Click to Enlarge
    7. Confirm your business' Merchant ID. Click 'Next'.
      Click to Enlarge
    8. Confirm your previous answers about how credit cards are run at the location, then click 'Next'.
      Click to Enlarge
    9. Click 'Add Product' to enter the devices used to run credit cards.

      This will open the popup seen in step 10.

      Click to Enlarge
    10. Search by vendor or product, and select it from the list. Then choose a version from the dropdown. Click 'Save', then 'Next'.
      Click to Enlarge
    11. Click 'Add Scan Location'.

      This step must be completed at the business location.

      Click to Enlarge
    12. Select 'Physical Location'.
    13. Enter a name for the scan, confirm the IP address, and select 'I agree' to allow the scan. Click 'Submit'.

      Click here to retrieve the external IP address to verify.

      Click to Enlarge
    14. Click 'Scan Now'.
      Click to Enlarge
    15. Choose 'Expert Level Form'. Click 'Next'.
      Click to Enlarge
    16. Select the 'PCI SAQ C 3.2' Questionnaire. Read and check each of the eligibility check boxes that apply to you, then click 'Next'.
      Click to Enlarge
    17. Answer the questions provided in the questionnaire. Click 'Next Section' to move to the next page until each section is complete.
      Click to Enlarge
    18. When all sections are completed, click 'Acknowledge & Submit'.
      Click to Enlarge
    19. Confirm compliant status by checking each checkbox.
      Click to Enlarge
    20. Check the 'Sign' checkbox to apply a virtual signature. Enter your title and the Merchant Executive Officer.
      Click to Enlarge
    21. Click 'Submit'.
    22. The 'Passed' page confirms that the account has successfully passed the PCI Certification process. Click 'Visit your PCI Dashboard' to return to the PCI Home page.

      (optional) Repeat for all other locations if necessary.

      Click to Enlarge

    Run PCI Network Vulnerability Scan

    A Network Vulnerability Scan ensures the network at your location is compliant with the data security standards. Follow below to learn how to run the scan.

    For additional support, contact Trustwave support any time at 877-201-3617 or via email at support@pcirapidcomply2.com.

    IMPORTANT: Please note the below requirements.

  • You must complete a scan for each location.
  • The scan must be done at the business location on the business network.
  • The scan device must be on and connected to the network for the entirety of the scan.
    1. Click 'Set Up' to begin the PCI Network Vulnerability Scan.
      Click to Enlarge
    2. Click 'Scan Now'.
    3. Click 'OK' to run the scan.
    4. The report is complete and automatically sent to Trustwave. Click the 'Scan Results' tab to see the results.

      Trustwave will automatically run scans on the applicable network monthly and email you if any failures are detected, allowing you time to resolve the quarterly requirements.

      Click to Enlarge

    • Help us improve ShopKeep Support. Was this article helpful?
    • YES   NO