PCI Compliance

last updated 11/16/2018

ACS Technologies (ACST) offers a suite of electronic giving (eGiving) solutions: Online | Text | Mobile | Tuition Payments | Event Payments

If you use any of our eGiving solutions, you'll need to learn about PCI compliance and how to become compliant.

If you accept credit or debit cards, you're required to comply with PCI and complete an annual PCI Self Assessment Questionnaire ("SAQ") online.

  • Vanco, your merchant provider will communicate how to complete the questionnaire. If additional steps or requirements are needed, you'll be notified.
  • We've already answered questions about the eGiving solutions you have, but you'll need explain how your organization uses them.
  • If you have questions about your PCI responsibilities, call 1-800-675-7430 or email pcisupport@pci.vancopayments.com.

Frequently Asked Questions

What is PCI?

The Payment Card Industry (PCI) Security Standards Council was created to establish a uniform set of data security requirements for all national card brands, a.k.a. the PCI Data Security Standards (PCI DSS). PCI governs all retail, mail order, telephone order and e-commerce credit card transactions. All organizations that process, store, or transmit payment card data must comply with PCI DSS requirements or risk losing their ability to process credit card payments.

Are your payment processing systems PCI compliant?

Yes. ACST became PCI compliant as a service provider on November 15, 2016. You may view our PCI compliance status anytime by visiting the VISA Global Registry of Service Providers, or the MasterCard Compliant Service Provider list. Attaining PCI compliance underscores our commitment to keeping the data for all of our customers secure and private. Additionally, ACST partners with Vanco, a PCI Level 1-compliant card processor to process all payment card transactions securely.

How do you keep up with PCI mandates and standards changes?

ACST employs a dedicated team of information security professionals who work with PCI-qualified assessors to ensure that our products and environment comply or exceed the latest PCI standards.

Can you provide a copy of ACST's attestation of PCI compliance?

Yes, ACST has met the criteria for PCI Compliance, click here to review the current copy of our PCI Attestation of Compliance (AOC).

Do third parties conduct penetration tests on your products?

Yes, we employ a third-party security firm for expertise and vulnerability testing.

When using an eGiving feature, is it secure?

First, let us explain what eGiving is. When using your credit or debit card for eGiving, there are security measures that need to be addressed on both sides of the transaction:

  • We recommend that customers enable all security measures available for their devices (smart phone, tablet, and / or computer).
  • On the transactional side, both ACST and Vanco meet PCI certification. ACST, the service provider, hosts the web page where you enter your sensitive credit card data. Then, Vanco, the merchant account, accepts and transmits the data. They can also securely reference this card for future gifts.