Ensuring Payment Card Industry (PCI) Compliance
Merchant Services
To assist you, we have provided instructions below on how you can achieve PCI Compliance.
Two Steps for PCI Compliance
LOGGING INTO THE PORTAL
Step 1:
Select the 'Login' button in the upper right-hand corner of TowneBank.com and select 'Other Services' from the drop down menu and click 'Login'. Select the option in the pop up labeled 'PCI Compliance' to open the PCI compliance portal.
Step 2:
Log into the PCI Compliance portal using your credentials. If you do not know your credentials, you can use the 'Forgot Password' and/or the 'Forgot Username' options or you can contact our Merchant Support team at 866-462-9161, M-F, 9:00 AM - 5:00 PM. Please have your Merchant ID (MID) ready.
Business Profile - Getting Started
The first question will ask your preferred assessment method. Please review the details to make the most appropriate selection:
- If you are not currently PCI compliant and need to obtain a PCI certificate, select the option that says 'Guide Me' and refer to the instructions below labeled "I do NOT have a PCI certificate". If you were previously PCI-compliant with our former processor, please note that you'll need to complete the PCI validation process again.
- If you are already PCI compliant and have a PCI certificate, select the option labeled 'Upload' and follow the instructions below titled "I DO have a PCI certificate".
Need Help? If you would like to speak with a TowneBank PCI Compliance Analyst please call 866-462-9161, M-F, 9:00 AM - 5:00 PM.
Assessment Instructions
-
If you are not currently PCI compliant, please use the following information to answer the Assessment Method questions. Please provide as much information as possible as you are guided through the following types of questions.
How do you accept payments?- List your business premises and provide a summary of the locations where you accept payments.
- Explain how your business handles cardholder data.
- Provide high-level description of how you accept payments.
- What technology you use as well as methods by which you may transfer or store data.
- It's mandatory to apply an "Information Security Policy" which is a document that outlines the procedures you need to follow to handle information security.
- You will be asked if you currently have an Information Security policy. If you don't, you can download a template by clicking 'I use the security policies included in my subscription'. Afterward you will answer additional questions on your information security policy.
After you have completed the profile questions, you will see your dashboard. This is where you will complete your Security Assessment Questionnaire and any other tasks assigned to you. Steps are provided within the system.
Security Assessment Questionnaire (SAQ)
The SAQ is an assessment of how you manage information in your business. The SAQ has prepopulated questions that apply to your business.
To get started, select the 'Manage' button on the 'Complete Security Assessment' tile on your dashboard. -
If you select that you have an existing attestation of compliance, you will be asked a few questions:- The PCI compliance assessment type of your business, which is located on your current certificate.
- Confirm if you use a third party to store or process card payments.
- You may also have to answer additional questions depending on your previous answers.
Please note, in April 2025 we converted to a new processor. If your PCI certificate is under our former processor, you will need to complete the PCI validation process again.