Frequently Asked Questions

1. How do I get started with Maxx?

That's easy, to get started just click here to start your application.

2. What happens after I submit my application?

a. Once completed application and supporting documents are received
b. Approval within 24 hours
c. Once approved your file is built, your welcome kit is sent out
d. Tech support will help you or your provider download your terminal or software
e. Entire process can take from 1-4 days

3. If I need help, what number do I call?

a. For sales assistance, please call 800-848-9804
b. For merchant service, please call 800-848-9804

4. When will I be charged for my Merchant fees?

Last business day of the month

5. I need help understanding my bill, what do I do?

Feel free to call our support line at 800-848-9804

6. What credit cards will I be able to accept?

You can accept all major credit cards and debit cards. MasterCard, Visa, American Express, Discover, Diner's Club

7. How often will I receive the funds from my transactions?

Daily

8. Will I receive a statement?

Of course! We will send you a monthly statement - just like your bank.

9. If you have another question - submit it here

PCI Compliance: PCI DSS

FREE equipment upgrade that meets the PCI compliance standards!!

Q: Does my business have to be PCI DSS compliant?

Yes. The Payment Card Industry Data Security Standard (PCI DSS) applies to every organization that processes credit or debit card information, including merchants and third-party service providers that store, process, or transmit credit card/debit card data.

Q: Is this mandatory?

Yes. However, according to the PCI DSS documentation, "PCI DSS requirements are applicable if a Primary Account Number (PAN) is stored, processed, or transmitted. If a PAN is not stored, processed, or transmitted, PCI DSS requirements do not apply."

"The rule of thumb is this: If you house credit card information, in whatever form, if you house the information in your server - the server that you own or you added - then you are basically responsible for complying with PCI DSS." -- Khalid Kark, Forrester Research

Q: What is the PCI compliance deadline?

2010 for merchants 

Q: What is the PCI DSS Visa CISP program?

For Visa, Inc., PCI DSS compliance includes following their Cardholder Information Security Program (CISP), along with the incorporated PCI DSS standards.

Merchants - All merchants including retail (brick-and-mortar), mail/telephone order, and e-commerce. Service Providers - Visa identifies service providers as organizations that process, store, or transmit Visa cardholder data on behalf of Visa members, merchants, or other service providers. Payment Applications - Visa offers a "Best Practices" document for payment applications, with the goal that the payment application must not retain full magnetic stripe data or CVV2 data. As well, as well the software must support a merchants and service providers' ability to comply with the PCI Data Security Standard.

The CISP program includes compliance and validation requirements for the following entities:

Q: What is the MasterCard SDA program?

For MasterCard Inc., compliance and validation includes following its Site Data Protection (SDA) Program, along with the incorporated PCI DSS standards.

The SDA program includes compliance requirements for the following entities:

Merchants - All merchants must become PCI DSS compliant through completing the PCI Self Assessment, PCI Onsite Assessment and PCI Quarterly Network Scanning. While all merchants are required to comply with the Payment Card Industry Data Security Standard (PCI DSS), merchants that store, process or transmit MasterCard account data may also be required to validate compliance with their acquirer.

Service Providers -Third Party Processors (TPP), Data Storage Entities (DSE). Any service providers that store, process or transmit MasterCard account data on behalf of the merchant must also be compliant.

Vendors - Master Card provides a list of Approved Scanning Vendors (ASV), based on the testing requirements laid out in the PCI DSS standard for ASVs.

Acquirers - MasterCard works with acquirers to help merchants obtain SDA certification, as well as PCI DSS certification. The acquirer does not have to go through an SDA certification process, but the acquirer must manage the SDA process for their merchants. The acquirer must certify the merchants' compliance validation tools, as well as registering the merchant with MasterCard.

Q: What are PCI Compliance Merchant Validation Levels?

In order to be PCI DSS compliant, each card issuer has its own criteria for assigning a merchant level and validation compliance classification level for a merchant, third party or service provider.

The merchant level is based on transaction volume for the organization. The validation compliance level is based on the merchant level, and includes the validation actions and who needs to carry out the validation actions, in order to be PCI DSS compliant.

For the majority of organizations, the standards set forth by Visa's CISP program and MasterCard's SDP program covers the qualifications for assigning both a merchant level and compliance level - along with incorporating PCI DSS.

American Express and Discover, at this time, do not have a stringent program in place like Visa or MasterCard, however both companies have a 'best practices' document, which coincides with the PCI DSS.

Q: What are the 12 requirements for building and maintaining a secure network?

In order to build and maintain a secure network, and to comply with the PCI DSS, system components, network components, and data elements related to authorization, data retention, data storage and data transmitting must be secure.

More PCI DSS and PCI Compliance info coming - keep checking back!