Training / Merchant Support

PCI Toolkit®

PCI Toolkit<sup>&reg;</sup>

The PCI Toolkit® is an interactive, online system that provides the educational tools necessary to complete PCI compliance quickly and accurately. The program intuitively guides you through a Self-Assessment Questionnaire (SAQ) that all merchants are required to perform annually, to identify the needs specific to your business. This is one of the easiest, most user-friendly programs available on the market. 

The PCI Toolkit® enables you to proceed at your own pace through the PCI audit questionnaire and provides an intuitive step by step instruction process, and on average will assist you with completing the SAQ in less than 15 minutes. Merchants with more complex hardware and/or an online system can expect to complete the questionnaire in as little as 30 minutes. The PCI Toolkit® documents your compliance progress and stores your businessresults for future reference.

As a business owner you will receive policies, handbooks, inserts, instant definitions, aids, enhanced explanations, and simplified application practices. The program provides essential training tools to assist with training your staff on how to effectively protect credit cards and personally identifiable information. The PCI Toolkit® was designed with the small to mid-size merchant in mind and provides education, policies and data protection strategies.
Our simple and easy to use online program will walk you through the Self-Assessment Questionnaire (SAQ) and walk you through any of the Building Blocks of PCI Compliance your business may be missing includingWritten Policies, Written Procedures, Employee Handouts and Training Program.


Merchant Requirements:
To satisfy the requirements of the PCI DSS, a merchant must complete the following steps:
  • Identify your General Business Processes (Validation Type) as defined by PCI DSS – see below.  This is used to determine which Self- Assessment Questionnaire is appropriate for your business. 

SAQ Validation Type Description SAQ
1 Card-not-present (e-commerce or mail/telephone-order) merchants, all cardholder data functions outsourced. This would never apply to face-to-face merchants. A
2 Imprint-only merchants with no cardholder data storage B
3 Stand-alone dial-up terminal merchants, no cardholder data storage B
4 Merchants with payment application systems connected to the Internet, no cardholder data storage C
5 All other merchants (not included in descriptions for SAQs A-C above) and all service providers defined by a payment brand as eligible to complete a SAQ. D

  • Allow the Toolkit to guide you through completing the Self-Assessment Questionnaire.
  • For type 4 & 5 merchants, complete and obtain evidence of a passing vulnerability scan with a PCI Security Standard Council Approved Scanning Vendor (ASV). This is required for merchants with external facing IP addresses. Simply put, if you electronically store cardholder information or if your processing systems have any internet connectivity, a quarterly scan by an approved scanning vendor is required.
  • Complete the certification of compliance forms (Attestation of Compliance) on the website.
  • Submit the SAQ, evidence of a passing scan (if applicable), and the Attestation of Compliance, along with any other requested documentation, to your acquirer.
  • The system will then prompt you to complete any required scanning or tasks before issuing a Certificate of Completion.

Instant Online Quote

Get a customized quote and a merchant account application within minutes! No obligation whatsoever and it’s FREE!
Click Here for Quote Form

Free Rate Comparison!

Already processing credit cards or just getting started? Contact us today to get a FREE cost comparison prepared specifically for your business!
Call Now! 1-800-660-7153