TSB

Computers and Software => Business/Shop Management Programs => Topic started by: balloonguy on December 16, 2025, 01:10:47 PM

Title: pci and quickbooks (is this legit)
Post by: balloonguy on December 16, 2025, 01:10:47 PM
Hey All,
I got this email (addressed to me). Has anyone seen this? It looks legit, but I'm skeptical of all the scams out there. I don’t see any notifications on the QuickBooks page.

This is Karson from SecurityMetrics.

Intuit Quickbooks has partnered with SecurityMetrics in order to help their merchants achieve PCI Compliance. PCI Compliance was created in 2006 by VISA, MasterCard, AMEX, Discover and JCB. Small businesses must annually complete a Self Assessment Questionnaire (SAQ) verifying they are securely handling credit card information. As per Intuit's Terms of Service, each business that receives revenue via credit card transactions is required to comply with PCI compliance requirements.

Recently the PCI DSS was updated to the 4.0.1 standards that has new requirements specifically to address Ecommerce Businesses and Online Retailers.

Currently you are not being reported as "Compliant" with the new 2025 4.0.1 standards, but we can help.

In just a few additional steps, we can help you finish this process:

Log in to SecurityMetrics: www.securitymetrics.com
Answer a few self-guided questions online.
Choose the PCI Compliance package that best fits your processing method.
Complete the Self-Assessment Questionnaire (SAQ).

We're here to help with any questions you might have about this process. Looking forward to hearing from you soon to ensure your compliance is reported to Intuit.

Note: If you're primarily using "e-invoicing" and don't handle card data face-to-face, PCI Compliance is still required but the process is simplified online.

More information about our partnership with Intuit: https://quickbooks.intuit.com/learn-support/en-us/help-article/data-security/explanation-pci-dss-compliance-services/L5tbibLub_US_en_US


Sincerely,

Karson Staley
Account Manager
801.995.6400 | SecurityMetrics.com
 
Title: Re: pci and quickbooks (is this legit)
Post by: screenxpress on December 16, 2025, 05:33:10 PM
This might help:

https://www.reddit.com/r/QuickBooks/comments/1fejkoq/to_everyone_wondering_whats_up_with_this/

IMO, I thought QuickBooks was just accounting software. If that's right, I doubt you need to have any interface (SecurityMetrics) between you and QuickBooks as they are not the ones you have to prove compliance to.

AI says:
To prove PCI compliance, you typically fill out a Self-Assessment Questionnaire (SAQ) or get a Report on Compliance (RoC), depending on your transaction volume, and submit it to your acquiring bank or payment brand; you'll also do scans and might need a QSA for higher levels, with the specific process determined by your payment processor and business type.


Reading more, it looks like QB and SM are in bed together... for a cost, of course. Looks kind of GRAY to me, but you can find some interesting comments on the QB web site:
https://quickbooks.intuit.com/learn-support/en-us/employees-and-payroll/self-assessment-questionnaire-pci-compliance/00/1288235

I don't take credit cards, so good luck on your decision.