PCI Compliance is an important security measure to protect credit card data. If payment integration is with OpenEdge or Square, then you are automatically PCI compliant as the card data passes directly from client to merchant provider, but for others (authorize, payjunction) it runs through our server first, and even though we don't store the card details, since it first goes through our server before passing to the merchant gateway, it would be deemed non-compliant.
Many merchant providers charge a PCI compliance fee or non-compliance fee. Sometimes they tell you it's because you aren't compliant and sometimes they tell you the fee is passed on to you to cover their own costs to be PCI compliant. Anyway it never hurts to call and ask your merchant provider to see if you can avoid those fees.
To avoid a monthly non-compliance fee showing up on your merchant account statement, please read the following.
You'll need to fill out the questionnaire when you first start, and then also annually (you should get an email notifying you).
If you are getting the monthly fee and can't find the necessary emails:
1. Get your OE Merchant ID
2. Call ControlScan at 800-370-9180
3. Fill out questionnaire they provide (see here to make sure you get the shorter version)
4. When asked about Processing Method, be sure to choose the 'Payment page outsourced to third-party provider' option