We would like to inform you of essential updates regarding PCI compliance requirements for stores using the FD150 standalone terminal as their primary Point of Sale.
New SAQ Categorization for PCI Compliance
Due to recent changes in PCI standards, the FD150 terminal no longer qualifies as a Point-to-Point Encrypted (P2PE) solution. As a result, stores using this terminal must now complete the SAQ B-IP and follow the associated compliance requirements.
Requirements for SAQ B-IP Compliance
To meet SAQ B-IP standards, your store will need to:
- Use a Managed Firewall: Monitor all traffic within the Cardholder Data Environment (CDE) to ensure data security.
- Complete SAQ B-IP Annually: Required in place of the previous SAQ P2PE.
- Conduct Quarterly Vulnerability Scans: To be performed by an Approved Scanning Vendor (ASV).
- Attest to Compliance: Sign the attestation after successfully completing your SAQ and scan to confirm your compliance.
How Clark Is Supporting Your Compliance
To help streamline this transition, Clark is implementing the following solutions:
Managed Firewall Solution and UPS (Uninterruptible Power Supply):
- Partnership with PDI: Clark has partnered with PDI to provide each store with a Cradlepoint E300 firewall and managed network security services including monitoring and compliance tasks.
- Payment Protection: the included UPS will help protect your payment equipment and daily transactions during power surges or outages.
- Direct Shipment & Setup: The firewall will be shipped directly to your store, with easy-to-follow setup instructions.
- Simple Billing: Clark will simplify billing by combining your $70 network fee, $49.99 terminal rental, and the $105 firewall costs into one monthly bundle rate of $179.99.
SAQ B-IP, Quarterly Scans, and Attestation Support:
- Aperia’s Compliance Tool: Clark utilizes Aperia’s platform to simplify the process of selecting the correct SAQ for your store.
- SAQ B-IP Selection: Clark’s client service team will use a product code to pre-answer the preliminary questions in Aperia’s tool. This step identifies B-IP as the correct SAQ for your store, allowing you to focus solely on completing the SAQ itself.
- Scanning Setup: Aperia’s portal will prompt you to schedule your quarterly vulnerability scan. If you’re on your store’s internet connection, the portal will detect your store’s IP address. Otherwise, you will need to manually input your store’s IP address.
- Attestation Reminder: Once your SAQ and scan are successfully completed, Aperia’s portal will guide you to sign your attestation, completing the compliance process.
Checklist of Next Steps for FD150 Terminal Users
- Expect delivery of an E300 firewall along with a UPS at your location soon.
- Follow the included instructions to set up your new equipment.
- Access Aperia’s portal at go.clarkbrands.com/aperia:
- Complete the SAQ B-IP questionnaire.
- Schedule and pass quarterly scans.
- Sign your attestation of compliance.
If you have any questions, please reach out to us. We’ll do our best to provide answers or connect you with the appropriate place for more technical inquiries. Our FAQ section also offers detailed guidance on many common topics.
Thank you for your continued partnership with Clark.