Art Fair Insiders

Call for Artists, Making Money at Juried Art Fairs, Craft Shows and Festivals

Last week I got an email notice that I had to renew my PCI compliance and I think that the outfit that administered the online test was Trustwave or something like that. It was an online quiz about how you handle credit card data and the swipe device ( you and employes). I missed two questions about wireless as it is new to me. I logged on again and retook the test and fa la I passed. Sort of a farce IMO. Just curious if you have to do this with your swipe device as there are a lot of different ones out there. Mine is Aprivapay through my bank. There is a higher PCI fee if you don't take the test.

Views: 220

Reply to This

Replies to This Discussion

I think the very best thing about the square is that so far I have not received a PCI Compliance Test.

AFAIK you need to state that you are PCI compliant, and have the documentation to prove it. With the old-style machines, this happens once a year. Fees vary according to the merchant provider. I pay about $125 / year. The survey is one way for the merchant services companies to put the onus of providing the documentation on the individual user.

I know that Square hasn't yet implemented a PCI compliance system that involves the end user, but I'm guessing it's only a matter of time. There is really no difference in the way that Square handles the data versus an old-style wireless machine. Both encrypt the data, neither stores the data in unencrypted form locally on the device. So why doesn't Square require PCI-compliance? Beats me.

My swipe device is wireless and not an older version. FYI very happy with Aprivapay and support both by phone and in person face to face. I also get $500K insurance for its use. LOL would'nt that be a great show to ripped off at.

According to Square's web site, they handle all the compliance. If you do a search on Square and PCI, you'll find some competing merchant services claiming that the the swipe device itself is hackable. I'm staying out of this one. I don't use the Square, yet, and have been happy with all aspects of my merchant services provider, except for the monthly costs. And the PCI fee, of course.

I was approached by a salesman at a show trying to get people to sign up for his service (can't remember which one), and when I told him I use square his main point was I better be careful because square is not pci compliant and I could be liable for theft of data.
 Personally (an I admit I have no evidence to back this up) I think it is just a scare tactic. If square was as insecure as he was claiming why would credit cards companies let square operate? I think maybe square figured something out either through software or business model that gave them some sort of competitive edge and lets them work around having the user (us) deal with pci issues. Or maybe they are just taking the responsibility, and not passing it on to us like the other providers do.
  Square has been around for a while now, and I have yet to hear of an issue with squares being hacked or data being stolen from users.


Fiber artists -- use this resource to find new buyers:  Advertise with Reach over 60,000 fiber arts lovers.

Our 50 Best Art Fairs

Look Inside the our latest Art Fair Survey:
Who Won and Why

Join the MasterMinds Group for personalized coaching on your Internet Lifestyle Business! 

Video Website Reviews

60 Page Report - Best US Art Fairs

Click Here to
Learn More


  • Add Photos
  • View All

© 2021   Created by Connie Mettler.   Powered by

Badges  |  Report an Issue  |  Terms of Service