Call for Artists, Making Money at Juried Art Fairs, Craft Shows and Festivals
I think the very best thing about the square is that so far I have not received a PCI Compliance Test.
AFAIK you need to state that you are PCI compliant, and have the documentation to prove it. With the old-style machines, this happens once a year. Fees vary according to the merchant provider. I pay about $125 / year. The survey is one way for the merchant services companies to put the onus of providing the documentation on the individual user.
I know that Square hasn't yet implemented a PCI compliance system that involves the end user, but I'm guessing it's only a matter of time. There is really no difference in the way that Square handles the data versus an old-style wireless machine. Both encrypt the data, neither stores the data in unencrypted form locally on the device. So why doesn't Square require PCI-compliance? Beats me.
According to Square's web site, they handle all the compliance. If you do a search on Square and PCI, you'll find some competing merchant services claiming that the the swipe device itself is hackable. I'm staying out of this one. I don't use the Square, yet, and have been happy with all aspects of my merchant services provider, except for the monthly costs. And the PCI fee, of course.
I was approached by a salesman at a show trying to get people to sign up for his service (can't remember which one), and when I told him I use square his main point was I better be careful because square is not pci compliant and I could be liable for theft of data.
Personally (an I admit I have no evidence to back this up) I think it is just a scare tactic. If square was as insecure as he was claiming why would credit cards companies let square operate? I think maybe square figured something out either through software or business model that gave them some sort of competitive edge and lets them work around having the user (us) deal with pci issues. Or maybe they are just taking the responsibility, and not passing it on to us like the other providers do.
Square has been around for a while now, and I have yet to hear of an issue with squares being hacked or data being stolen from users.