The Payment Card Industry Data Security Standard (PCI-DSS) aims to enhance security for consumers by setting guidelines for any company that accepts, stores, processes, or transmits credit card information regardless of the number of transactions or the size of those transactions.

If a Paladin client uses WorldPay for their credit card processor, they will have to complete an annual PCI-DSS Compliance questionnaire from SaferPayments. If they do not complete the questionnaire or fail it, then they will be charged a $20 monthly fee until they are compliant.

Important: SaferPayments does make outbound calls to contact stores but will NEVER ask for an MID. If asked for an MID, consider it phishing and report the issue to SaferPayments.

Note: For assistance with the questionnaire, contact SaferPayments at 833.534.8422

The following sections provide information to help clients successfully pass the SaferPayments questionnaire:

Complete Business Profile

The client will receive an email from SaferPayments instructing them to complete the questionnaire. This email will also provide the credentials needed to log in to saferpayments.yoursecurejourney.com.

  1. Sign in to SaferPayments with the credentials sent.
  2. Under Your business profile, click Manage.

SaferPayments/Your business profile/Manage
Figure 1: SaferPayments/Your business profile/Manage

  1. In the Before You Begin screen, enable Select this option if it is your first time…

Before You Begin screen
Figure 2: Before You Begin screen

  1. Click Next.
  2. In the How Do You Accept Payment Cards? window, depending on how the client accepts payment cards, they should check either Face to face, Mail or telephone order, or both.

Note: DO NOT select e-Commerce store. This only applies if the client has their own website where they collect card payments.

How Do You Accept Payment Cards? window
Figure 3: How Do You Accept Payment Cards? window

  1. Click Next.
  2. In the How Do You Accept Your Mail and Telephone Order Customer Card Payments window, the client should check whatever box(es) applies to them. Most likely, the client will enable the Phone option only.

How Do You Accept Your Mail and Telephone Order Customer Card Payments window
Figure 4: How Do You Accept Your Mail and Telephone Order Customer Card Payments window

  1. Click Next.
  2. In the How Do You Accept Card Payments Via Mail and Telephone Order window, enable No.

How Do You Accept Card Payments Via Mail and Telephone Order window
Figure 5: How Do You Accept Card Payments Via Mail and Telephone Order window

  1. Click Next.
  2. In the Transactions Over the Telephone window, enable My customers give their payment card number over the phone to a person in my organization or call centre.

Transactions Over the Telephone window
Figure 6: Transactions Over the Telephone window

  1. Click Next.
  2. In the Your Telephone System Call Handling window, enable No.

Your Telephone System Call Handling window
Figure 7: Your Telephone System Call Handling window

  1. Click Next.
  2. In the Storage of Electronic Cardholder Data window, enable No.

Storage of Electronic Cardholder Data window
Figure 8: Storage of Electronic Cardholder Data window

  1. Click Next.
  2. In the Your Employees Access to Data window, enable No.

Your Employees Access to Data window
Figure 9: Your Employees Access to Data window

  1. Click Next.
  2. In the How You Accept Card Payments window, check I use an integrated Point of Sale (POS) system that includes a connected hardware terminal; payment data is routed through the POS to the processor.

How You Accept Card Payments window
Figure 10: How You Accept Card Payments window

  1. Click Next.
  2. In the Use of Point to Point Encryption Solution window, enable Yes.

Use of Point to Point Encryption Solution window
Figure 11: Use of Point to Point Encryption Solution window

  1. Click Next.
  2. In the Your Point-to-Point Encryption Solution window, enable Yes.

Your Point-to-Point Encryption Solution window
Figure 12: Your Point-to-Point Encryption Solution window

  1. Click Next.
  2. In the Payment Methods Using Point to Point Encryption window, check Integrated point of sale (POS) system. 

Payment Methods Using Point to Point Encryption window
Figure 13: Payment Methods Using Point to Point Encryption window

  1. Click Next.
  2. In the Your Point-to-Point Encryption System window, for Ingenico ISC credit card devices , type “worldpay” in the search field, then check WorldPay NA P2PE (Combining WP Direct, WP Express & WP B2B).


Figure 14: WorldPay NA P2PE (Combining WP Direct, WP Express & WP B2B)

  1. Click Next.
  2. In the Your Point-to-Point Encryption System window, for Ingenico Lane credit card devices, type “bluefin” in the search field, then check Bluefin Payment Systems – Bluefin P2PE.

Your Point-to-Point Encryption System window
Figure 15: Your Point-to-Point Encryption System window

  1. Click Next.
  2. In the Your Worldpay NA Poit-toP0int Encryption (P2PE) PTS Device window, choose the appropriate answer (this can be an “and/or” selection). The client might have to look at the model number on the credit card device.


Figure 16: Your Worldpay NA Poit-toP0int Encryption (P2PE) PTS Device

  1. Click Next.
  2. In the Third Party Manage System Service Providers window, enable Yes.


Figure 17: Third Party Manage System Service Providers

  1. Click Next.
  2. In the Managed System Component Providers window, in the Your service providers text box, type in Paladin Data Corp.
  3. Click the + sign.


Figure 18: Managed System Component Providers

  1. Click Next.
  2. In the Internal Security Assessor window, enable No.


Figure 19: Internal Security Assessor 

  1. Click Next.
  2. In the PCI Qualified Security Assessor window, enable No.


Figure 20: PCI Qualified Security Assessor

  1. Click Next.
  2. In the Notice window, click OK.

Notice window
Figure 21: Notice window

  1. In the Your Customer’s Payment Card Authentication Data window, enable Yes, No, Yes.

Your Customer's Payment Card Authentication Data window
Figure 22: Your Customer’s Payment Card Authentication Data window

  1. Click Next.
  2. In the Printed Paper Receipts and Reports window, enable No.

Printed Paper Receipts and Reports window
Figure 23: Printed Paper Receipts and Reports window

  1. Click Next.
  2. In the Other Uses of Card Numbers window, enable No, No.

Other Uses of Card Numbers window
Figure 24: Other Uses of Card Numbers window

  1. Click Next.
  2. In the Your Company Policy for Information Security window, enable I do not have an Information Security Policy in place at the moment, I will implement a security policy using the template provided.
  3. Click the Download link and save the Security Policy template to the client’s desktop.

Your Company Policy for Information Security window
Figure 25: Your Company Policy for Information Security window

  1. Click Next.
  2. In the A Summary of How and Where You Handle Card Payments window, use the answers provided in the following image.

A Summary of How and Where You Handle Card Payments window
Figure 26: A Summary of How and Where You Handle Card Payments window

The Business Profile is complete.

Back to Top

Complete Security Assessment

There are 5 questions to answer in the five Are Data-Retention and Disposal Policies, Procedures, and Processes Implemented as Follows windows.

The answers are generally “Yes,” but these questions should be answered to the best of your ability. If you need any assistance in understanding these questions, reach out to the SaferPayments support team at 866-493-8692.

  1. In the Merchant Executive Officer window, enter the Title and Name of the client’s organization/store executive officer.

Merchant Executive Officer window
Figure 27: Merchant Executive Officer window

  1. In the Attestation window, click Confirm your Attestation.

Attestation window
Figure 28: Attestation window

The Security Assessment is complete, and the client is now PCI compliant. 

  1. Click Download AOC and save the completed questionnaire to the client’s desktop (AOC stands for Attestation of Compliance).

Download AOC
Figure 29: Download AOC

Back to Top

If you have questions or suggestions about this information, contact support@paladinpos.com.

*Content is subject to change. For the most recent version, visit the Help Portal.
Printed on: 11/07/24