Zipzap Processing PCI Self Certification Support Documentation For Churches and Charities using Pushpay ver 2016.05 Disclaimer The information contained in this document is not suitable for every merchant. It is provided as a guideline only. Merchants should answer each question presented in the self certification process as honestly and accurately as possible. This document may be used as a reference that indicates a compliant response for some scenarios, but selecting a compliant response does not guarantee your actual compliance. If you have questions during the selfcertification process, you are encouraged to use the online chat facility provided by Trustwave or to call a Trustwave expert using the number provided for assistance. You are also welcome to call Zipzap Processing Zipzap on 844 ZIP ZAPP if you are not satisfied with the support you have received from Trustwave. Pushpay is a Level 1 PCI DSS Service Provider the highest possible level. Why do I still need to be compliant? PCI Compliance is a requirement for any merchant who accepts credit cards, directly or indirectly. Merchants who are only accepting donations via Pushpay have the simplest self certification process. Merchants who manually process credit cards using the Pushpay Virtual Terminal have some additional compliance questions to ensure the computer environment in which they enter card data is secure. Both scenarios are covered in this document. New Merchants After signing up with Zipzap for your merchant processing using Pushpay, you will receive an email from Trustwave who is the company Zipzap uses for managing merchants PCI compliance. You have a 60 day grace period to self certify after which time a non compliance fee of $19.95 is issued each month until you complete the self certification process. We encourage you to take the time to complete this and both Trustwave and Zipzap will work with you to help you avoid any non compliance fees. Inside this email you will find a link to PCI Rapid Comply the online self certification tool from Trustwave. Click to open the link This will open your web browser and take you to the PCI Rapid Comply website: https://login.pcirapidcomply2.com/ This website uses the Adobe Flash Player. If you see the following or similar prompt, confirm the URL as above and rightclick to play Adobe Flash Player. If the URL is not as above, do not continue. Please call us on 844 ZIP ZAPP for assistance.
New merchants will need to complete their initial registration, confirming ZIP/Postal Code, and the Authorized/Primary Contact for PCI certification. Once complete, click Continue. By default, your Username is pre populated with your Merchant ID. We recommend keeping this as is. Otherwise you can change it to something else such as your email address if you prefer. Create a password, review and accept the agreement, complete the security questions and click to Register.
Existing Merchants At Your Anniversary As you approach the end of your anniversary you will receive an email alert that your PCI Compliance will expires soon with a link to PCI Rapid Comply the online self certification tool from Trustwave along with your USERNAME Click to open the link This will open your web browser and take you to the PCI Rapid Comply website: https://login.pcirapidcomply2.com/ This website uses the Adobe Flash Player. If you see the following or similar prompt, confirm the URL as above and rightclick to play Adobe Flash Player. If the URL is not as above, do not continue. Please call us on 844 ZIP ZAPP for assistance. Next, you will be prompted to login. 1. Click Password in I forgot my Password Your Username should automatically be prepopulated. If it is not, you will be able to find your Username just below the Login to PCI Rapid Comply button in the email you received. After you click Send My Password, a password reset email should arrive in your email inbox within the next 30 seconds containing a link similar to the following: To reset your password, please click here: https://login.pcirapidcomply2.com/portalcore/home/plm/reset=xyzabc123 Click the link. Your Username should auto populate. Enter and confirm a new password, then click the Change Password button.
The PCI Rapid Comply Dashboard by Trustwave Regardless of whether you registered and logged in for the first time, or you are renewing your PCI Compliance prior to your anniversary, after logging in you will be taken to the PCI Rapid Comply Dashboard. Only STEP 1 in the popup below is relevant for the majority of Zipzap s merchants. Throughout this guide, please follow the prompts shown in order of the red circles as shown below. From the Dashboard, you can begin the PCI Self Assessment by clicking the Start button marked
PCI Self Assessment Merchant Profile Confirm your Merchant ID Click Next Business Environment Card Acceptance Verify your business environment. If you already have completed a previous PCI assessment, your selections will be predefined. Click Change to update your responses, otherwise click Next to continue
Web Sites If your web site links through to a Pushpay hosted payments page, you need to add the following: Click Add Web Site > enter www.pushpay.com [this is the site that hosts your payments] Click Next to continue Service Providers Click Add Service Provider
Search for First Data GGe4 [this is the Gateway that connects Pushpay to First Data] Select First Data GGe4 (Global Gateway) from the list Select Web Site Payment Processing from the Services Provided Click Save to continue Repeat for Pushpay Click Add Service Provider
Search for Pushpay Select No Match, Add New from below the list box Select Web Site Payment Processing from the Services Provided Select PCI Compliant = Yes [Pushpay is PCD DSS Level 1, Ver 3.x Compliant] Click Save to continue
Click Next Business Environment If the way you processing cards hasn t changed since your last assessment, select the Express Renewal option If you ve made changes to your processing environment or are unsure, select Start new Self Assessment Click Next
If you chose the self assessment, skip this page. Express Renewal (Skip this screenshot if you elected to start a new self assessment) Verify and confirm the eligibility criteria on the left Acknowledge & Submit
Self Assessment Select the Start new Self Assessment option and click Next Accept the Warning to lose any saved assessment data and continue Select the Step By Step option and click Next
This is a reminder that this is only a guide and you must read and select the most accurate option presented This question is related to storing credit card data electronically. Pushpay does this so you shouldn t have to.
Verify and confirm the eligibility criteria (on the left) Acknowledge & Submit (on the right) Verify each of the statements
Sign and then Submit (on the right)