PCI Compliance – Everything you need to know in 2024

November 29, 2023

Only 43% of American businesses are PCI compliant. Why do millions of merchants pay PCI non-compliance fees and how can you ensure your business remains compliant in 2024?

Telecommunications giant Verizon recently released its annual Payment Security Report. In 2023, Verizon estimates that only 43% of American merchants are PCI compliant. This means that millions of businesses are incurring monthly PCI non-compliance fees and are at risk of major penalties (as much as $5,000 – $100,000 in monthly penalties) from credit card companies.

How can this be? Why are so many merchants throwing away money every month?

Understanding PCI Compliance

Perhaps the primary reason merchants incur PCI non-compliance penalties is a broad lack of understanding of how PCI compliance works. So what, exactly, is PCI compliance?

Payment Card Industry (PCI) compliance is required by credit card companies to help ensure the security of credit card transactions. PCI compliance refers to the technical and operational standards that every merchant must follow to secure and protect credit card data provided by cardholders and transmitted through card payment processing transactions.

What are PCI Compliance Requirements in 2024?

Merchants that implement protocols to follow Payment Card Industry Data Security Standards (PCI DSS) requirements are considered to be PCI compliant. The PCI Security Standards Council is responsible for developing 12 key requirements, 78 base requirements, and over 400 test procedures to ensure organizations are PCI DSS compliant. For many merchants, maintaining compliance with these numerous standards can feel overwhelming. There’s also an unfortunate reality that many Payments Services Providers (PSPs) are de-incentivized to help their merchant partners maintain PCI compliance since they can turn non-compliance into a profit-generating fee machine.

But there’s hope. Maintaining PCI compliance may actually be easier than you think. Partnering with a reputable Payments Services Provider can help merchants quickly obtain and maintain PCI compliance with minimal effort.

How to Obtain PCI Compliance in 2024

In order to conform with PCI guidelines, several protocols should be implemented which are considered security best practices. These 12 major steps are as follows:

  1. Implement firewalls to protect data
  2. Appropriate password protection (such as 2FA)
  3. Protect cardholder data
  4. Encryption of transmitted cardholder data
  5. Utilize antivirus and anti-malware software
  6. Update software and maintain security systems on a regular basis
  7. Restrict access to cardholder data
  8. Unique IDs assigned to those with access to data
  9. Restrict physical access to data storage
  10. Create and monitor access logs
  11. Test security systems on a regular basis
  12. Create a policy that is documented and that can be followed


Additional information on implementing PCI DSS standards can be obtained from the PCI Security Standards Council.

How do merchants know if they are PCI compliant? Here are 3 easy steps to avoid PCI non-compliance fees.

1. Review your merchant processing statements regularly. The #1 reason merchants incur PCI non-compliance fees is simply because they are unaware it’s even happening. Review your statements every month or Get A Free Statement Analysis from a payments expert.

2. Ask your provider about their PCI compliance policy and what services they give to help merchants remain compliant. Surprisingly, many providers avoid assisting merchants with PCI compliance so they can make a profit on non-compliance fees.

3. Make sure your payments technology is compliant. There are 12 core PCI compliance rules. Make sure you know the regulations and whether or not your transaction workflow is compliant. Not sure? Ask an expert.

Contact Sales

Call us Now:

Effective Date: January 1, 2024

1. Scope

1.1. This Agreement applies to and governs Merchant’s access to and use of the Services, Hardware, and Professional Services ordered by Merchant under a Free Hardware and Software Order. The Services may include, but may not be limited to, (a) mobile and web applications for use by Merchant’s Employees and Customers to place orders and process Payments; (b) Point-of-sale hardware for use by Merchant’s Employees and Customers to place orders and process Payments; (c) processing of Payments and facilitating payment of Net Sales Proceeds to Merchant’s Bank Account; (d) providing Merchant with certain reporting on its sales and activities; and (e) working with Merchant with respect to any Customer inquiries related to Payments or placing orders, in each case under Merchant’s account with Quantum Electronic Payments.

2. Merchant Processing Agreement Requirement

2.1. Agreement. The merchant agrees to enter into a Merchant Processing Agreement with Quantum Electronic Payments LLC for a minimum of either 12 months or 24 months as defined by Section 2.2 and Section 2.3.

2.2. Free Smart Terminal Term. Merchants who Order a free Smart Terminal agree to enter into a Merchant Processing Agreement with Quantum Electronic Payments LLC for a minimum of 12-months.

2.3. Free Point-of-sale Station Term. Merchants who Order a free Point-of-sale station agree to enter into a Merchant Processing Agreement with Quantum Electronic Payments LLC for a minimum of 24-months.

2.4. Eligibility. The merchant is not eligible to receive free hardware or software until they have signed a Merchant Processing Agreement with Quantum Electronic Payments LLC.

3. Product List Requirement

3.1. Merchants subscribing to point-of-sale software agree to submit an accurate, up-to-date product list (i.e. menu) containing all product information, modifiers, and pricing to Quantum Electronic Payments LLC.

3.2. The merchant is not eligible to receive free hardware or software until they submit an accurate, up-to-date product list (i.e. menu) containing all product information, modifiers, and pricing to Quantum Electronic Payments LLC.

4. Hardware Ownership

4.1. Eligibility Requirements. The merchant takes ownership of hardware Ordered by the merchant after completion of the eligibility requirements as defined by Section 2.4 and Section 3.2. The specific hardware provided is subject to availability and may change at Quantum Electronic Payments LLC’s discretion.

5. Taxes and Shipping

5.1. Taxes. The Merchant agrees to pay the applicable taxes for the full retail value of all hardware Ordered by the Merchant.

5.2. Shipping. The Merchant agrees to pay the shipping costs of the hardware ordered by the Merchant.

6. Term and Termination

6.1. Merchant Processing Agreement Termination by Merchant. The merchant may terminate their Merchant Processing Agreement (Section 2) with Quantum Electronic Payments LLC at any time.

6.2. Termination by Quantum Electronic Payments LLC. The Merchant Processing Agreement (Section 2) may be terminated by Quantum Electronic Payments LLC at any time and at the sole discretion of Quantum Electronic Payments LLC.

6.3. Early Termination and Hardware Return. If the Merchant Processing Agreement is terminated by the Merchant or by Quantum Electronic Payments LLC prior to completion of the required term as defined by Section 2.2 and Section 2.3, the Merchant is required to pay Quantum the full retail value of the free hardware Ordered by the Merchant; OR the Merchant may choose to return all hardware to Quantum Electronic Payments LLC within 30 days of termination in lieu of paying the full retail value of the free hardware Ordered by the Merchant.

6.4. Full Retail Value. The full retail value of the hardware Ordered by the merchant is defined by the list price displayed when the merchant places their Order.

7. Payment Processing Monthly Minimum

7.1. Merchants receiving free hardware or software agree to a monthly processing minimum as defined by the individual Merchant Processing Agreement entered into by the Merchant.

8. General Provisions

8.1. Governing Law and Jurisdiction. The Parties intend that this Agreement be construed and enforced in accordance with the laws of the State of California without regard to any conflict-of-law or choice-of-law rules, and that the rule of construction that provides that a document is construed against the maker thereof be inapplicable in the construction of any of the terms of this Agreement. The Uniform Computer Information Transactions Act, and the United Nations Convention on the International Sale of Goods, shall not apply to this Agreement.

8.2. Dispute Resolution. Any dispute, claim, or controversy arising out of or relating in any way to this Agreement or the breach, termination, enforcement, interpretation, or validity thereof, including the determination of the scope or applicability of this agreement to arbitrate, or in connection with Merchant’s use of the Services or our websites, shall be determined through confidential binding arbitration before one arbitrator. The confidential binding arbitration shall be administered by AAA pursuant to its Commercial Arbitration Rules, and the parties shall maintain the confidential nature of the arbitration proceeding and the award, including the hearing. Judgment on the award may be entered in any court having jurisdiction. Notwithstanding the foregoing, this Agreement shall not preclude either party from pursuing a court action in the state or federal courts for the sole purpose of obtaining a temporary restraining order or preliminary injunction in circumstances in which such relief is appropriate; provided that any other relief shall be pursued through an arbitration proceeding pursuant to this Agreement. In any event, any action or proceeding by Merchant against Quantum Electronic Payments LLC relating to any dispute must commence within one year after the cause of action accrues.

8.3. Prohibition of Class and Representative Actions and Non-Individualized Relief. Except where prohibited by Applicable Law and Rules, Merchant and Quantum Electronic Payments LLC agree that each may bring claims against the other only on an individual basis and not as plaintiff or class member in any purported class or representative action or proceeding. Unless both Merchant and Quantum Electronic Payments LLC agree otherwise, the arbitrator may not consolidate or join more than one person’s or party’s claims and may not otherwise preside over any form of a consolidated, representative, or class proceeding. Also, the arbitrator may award relief (including monetary, injunctive, and declaratory relief) only in favor of the individual party seeking relief and only to the extent necessary to provide relief necessitated by that party’s individual claim(s).

8.4. Pre-Arbitration Dispute Resolution. Quantum Electronic Payments LLC is always interested in resolving disputes amicably and efficiently, and most concerns can be resolved quickly and to the participant’s satisfaction by contacting Quantum Electronic Payments LLC’s support team. If such efforts prove unsuccessful, a party who intends to seek arbitration must first send to the other, by certified mail, a written notice of dispute (the “Notice of Dispute”). The Notice of Dispute must (i) describe the nature and basis of the claim or dispute and (ii) set forth the specific relief sought. If Quantum Electronic Payments LLC and Merchant do not resolve the claim or dispute, despite good faith attempts, within sixty (60) calendar days after the Notice of Dispute is received, Merchant or Quantum Electronic Payments LLC may commence an arbitration proceeding. During the arbitration, the amount of any settlement offer made by either party shall not be disclosed to the arbitrator until after the arbitrator determines the amount, if any, to which the parties are entitled.

8.5. No Waiver. The failure of either party to enforce any right or provision in this Agreement will not constitute a waiver of such right or provision unless acknowledged and agreed to by such party in writing; and any waiver with respect to a specific circumstance will not constitute a waiver of the same provision or any other provision of this Agreement for any subsequent circumstance unless expressly provided by such written agreement, except that Quantum Electronic Payments LLC may modify this Agreement to comply with, and as a result of, amendments to Applicable Laws and Rules. The Section headings are provided merely for convenience and will not be given any legal import in the interpretation or enforcement of this Agreement. No joint venture, partnership, employment, or agency relationship exists between Quantum Electronic Payments LLC and Merchant as a result of this Agreement or use of the Services.

8.6. Entire Agreement. This Agreement, together with all exhibits, attachments, and addenda incorporated by reference herein and in any Orders and/or Quantum Electronic Payments LLC Master Services Agreement, represent the parties’ entire understanding relating to the Services and the subject matter hereof and thereof, and supersede any prior or contemporaneous, conflicting, or additional communications, whether written or verbal, and will control over any different or additional terms of any non-Quantum Electronic Payments LLC ordering document, and no terms included in any such purchase order or other non-Quantum Electronic Payments LLC ordering document will apply to the Services or Hardware. This Agreement may be amended only by written agreement signed by the parties, except (i) that Quantum Electronic Payments LLC may update this Merchant Agreement via a general notice to its customer base by providing reasonable notice and having Merchant check a box agreeing to such updated Merchant Agreement. If any provision of this Agreement is held by an arbitrator or court of competent jurisdiction to be invalid or unenforceable, if the essential terms and conditions of this Agreement for each party remain valid, binding, and enforceable, then such provision(s) will be deemed to be restated and construed to reflect the original intentions of the parties in accordance with Applicable Law and Rules with respect to the invalid or unenforceable provision(s), and with all other provisions of this Agreement remaining in full force and effect.

8.7. Assignment. Merchant may not assign this Agreement without the prior written approval of Quantum Electronic Payments LLC, such approval not to be unreasonably withheld or delayed.

8.8. Electronic Signature. Signatures transmitted and received electronically, such as through transmission of a scanned or faxed document, or via secure email or a service such as AdobeSign or a process that otherwise requires typing your name and acknowledging it as an electronic signature, or electronically indicating assent, acknowledgement or acceptance of an agreement, document or other writing, are true and valid signatures for all purposes hereunder and shall bind the parties to the same extent as that of a live signature on paper. Any transactions or services resulting from the Merchant’s instructions which Quantum Electronic Payments LLC receives in the Merchant’s name or under the Merchant’s credentials, including any electronic signature, shall be deemed to have been “a writing” and authenticated by the Merchant “in writing” for purposes of any law in which a writing or written signature is needed or required. All electronic signatures and records maintained by Quantum Electronic Payments LLC of transactions under the Merchant’s or its authorized users’ credentials shall be deemed to have been “signed” and will further constitute an “original” when printed from records established and maintained by Quantum Electronic Payments LLC or its agent in the normal course of business. The Merchant agrees not to contest the authorization for, or validity or enforceability of, Quantum Electronic Payments LLC’s electronic records and documents, or the admissibility of copies thereof, under any applicable law relating to whether certain agreements, files or records are to be in writing or signed by the party to be bound thereby. Records and “signed” documents, if introduced as evidence on paper in any judicial or other proceedings, will be admissible to the same extent and under the same conditions as other documentary business records.

8.9. Representatives. Each party shall be primarily responsible for each of its respective Representatives’ compliance with this Agreement.