For merchants not processing credit cards using ShopKeep Payments, contact your merchant services provider for assistance.
PCI Security Self-Assessment
The Payment Card Industry (PCI) requires all merchants to meet certain data security standards when running credit card sales to avoid penalty. ShopKeep Payments merchants can follow the steps below to learn how to complete a PCI self-assessment to ensure that each location is compliant.
For help with the Self-Assessment Questionnaire or other PCI related questions, contact Clover Security Support via email at firstname.lastname@example.org, or call at 866-957-1807.
Table of Contents
All ShopKeep Payments account holders will receive an email notification regarding the PCI compliance updates which will be used to complete registration.
- Open the pre-registration email from ShopKeep Payments.
The pre-registration email is sent from email@example.com with the subject line “Welcome to your PCI DSS Program”.
- Click the provided link in the email, or visit www.cloversecurity.com.
- Click ‘First sign-in’.
Having trouble logging in? Click on ’Forgot username’ or ‘Forgot password’, or contact Clover Security support at 866-359-0978.
- Enter your 15 digit Merchant Identification Number (MID) and the verification text, then click ‘Register’.
Your Merchant Identification Number can be found in your ShopKeep Payments welcome email.
- Click ‘Start business profile’.
Watch the video to learn more about PCI Data Security Standard.
- Confirm that the information for your business is correct, then click ‘Next’ to complete registration.
If any information needs to be updated, email ShopKeep Payments Support at firstname.lastname@example.org.
- You will automatically be directed to the PCI Self-Assessment Questionnaire. Follow the steps below to learn how to complete it.
PCI Self-Assessment Questionnaire
The PCI Data Security Standard Self-Assessment Questionnaire is a validation tool to confirm that your business locations are compliant with data security standards.
For help with the Self-Assessment Questionnaire or PCI related questions, contact Clover Security Support via email at email@example.com, or call at 866-957-1807.
You must complete a questionnaire for each location.
- Select 'Face to Face' for how credit cards are accepted at your business, then click ‘Next’.
ShopKeep merchants must select ‘Face to Face’ even if you also accept online payments.
- Select the device(s) used at your business to accept card payments then click ‘Next’.
Select ‘I use an integrated/electronic Point of Sale (iPOS/ePOS) system (a POS computer system running a payment application that includes an attached or integrated card reader device)’ then click ‘Next’ and continue to step 3.
- For an iPP320, iPP350, iCMP, Link/2500, or QuickBooks Bluetooth card reader, go to step 2a below.
- For a Clover device such as the Clover Go or the Mini, built by Clover, go to step 2b below.
- For an iDynamo credit card swiper, go to step 2c below.
Select this option if you use an iPP320, iPP350, iCMP, Link/2500, or QuickBooks Bluetooth card reader.Select ‘I have a Clover device’ then click ‘Next’.
Select this option if you use a Clover Go, The Mini, built by Clover, Clover Flex or Clover Station.Select the Clover device(s) used at your business, click ‘Next’, then skip to step 7 below.
For this example, we will select ‘Clover Go’.Select ‘I use a mobile (smartphone, tablet etc) device to accept face to face payments’ then click ‘Next’.
Select this option if you use an iDynamo credit card swiper.Select ‘Yes’ for the first and second questions, ‘No’ for the third question, then click ‘Next’.
The iDynamo is a plug-in credit card swiper that is used with the ShopKeep app on an iPad. With ShopKeep, the iPad is not used to access a virtual terminal.Select ‘I confirm’, click ‘Next’, then skip to step 7.
- Select ‘Yes’ and click ‘Next’.
Point-of-sale hardware from ShopKeep is loaded with approved point-to-point encryption.
- Select ‘Yes’, then use the search bar to find and select ‘FreedomPay’, then click ‘Next’.
Using a Clover device? Skip this step.
- Use the search bar to search for and select the device(s) you use to run credit cards, then click ‘Next’.
For this example, we will select ‘Ingenico Link/2500’.
- Select ‘No’ and click ‘Next’.
ShopKeep does not store, print, or report the full card number, only the last 4 digits.
- Select ‘Yes’ or ‘No’ for each question, and click ‘Next’.
ShopKeep does not support or facilitate sending or receiving card numbers.
- Select the option that best describes the Information Security Policy you have in place for your business and click ‘Next’. If you do not currently have a policy in place, click ‘Download’ to download a policy template to use.
For this example, we will select ‘I already have an Information Security Policy in place…’.
- Click ‘Download your free security guide here’ to download a security guide, check both boxes, then click ‘Next’ to complete your business profile.
Please read the security guide, which covers key security points you need to be aware of as part of your commitment to data security.
- Click ‘Manage’ under ‘Complete security assessment’.
The number of questions required to complete the security assessment may vary based on the card reader being used at your location. If you use an iDynamo credit card swiper, answer ‘Yes’ for all questions.
- Click ‘Yes’ for question 3.1(a).
After a credit card transaction has been completed in the ShopKeep Register app, only the card type and last 4 digits of the customer card number is retained. No other data is stored in ShopKeep or on card reader devices.
- Click ‘Yes’ for question 3.1(b).
The ShopKeep Register app does not store any cardholder data that would later need to be deleted.
- Click ‘Yes’ for question 3.1(c).
The ShopKeep Register app does not store any unnecessary cardholder information and does not retain cardholder data any longer than required.
- Click ‘Yes’ for question 3.1(d).
- Click ‘Yes’ for question 3.1(e).
- Click ‘Yes’ for question 3.2.2.
Credit card verification codes are not stored in the ShopKeep Register app or shown on receipts.
- If prompted with additional questions, continue to answer each question according to common practice within your business.
- After answering all questions, click ‘Next’.
- Review submitted information by clicking the drop-down arrow for each section, confirm all provided information is accurate, then click ‘Confirm your Attestation’.
- PCI self-assessment is now complete. If any information in ‘Your business profile’ or ‘Complete security assessment’ needs updating, click ‘Manage’ for the relevant section to re-answer questions.
- (For multi-location merchants only) Repeat steps 1 - 19 to complete a questionnaire for each additional location.
If you have any issues during the security assessment or questionnaire, or if you would like to learn more about additional Clover Security solutions, contact Clover Security Support at 866-957-1807 or firstname.lastname@example.org.