
Protect your Organization with Free PCI Compliance Tools

Our PCI Compliance Program, created in partnership with SecureTrust, helps you keep your credit card data safe, and is free to all Neon One customers.


What is PCI Compliance?

Payment card industry (PCI) compliance is a set of rules and regulations that protect credit card data from hackers and scammers. If your nonprofit accepts credit cards, you are required to adhere to PCI data security standards. This process can be confusing, but ignoring it puts your organization and donors at risk. That’s why Neon One offers the industry’s only free PCI Compliance Program to all of our customers: to keep you and your supporters safe.


of data breaches target small businesses, and cost the organization between $36,000 and $50,000

What does the PCI Compliance Program include?

Tools, training resources, and templates

Annual compliance certification support

$100,000 in data breach protection


Gain knowledge to keep your data safe

Don’t know much about PCI compliance? Don’t worry. You’ll have access to tools, training, and templates that make it easy to keep your organization protected.



Simplify your annual certification process

With PCI Self-Assessment Questionnaire (SAQ) assistance, quarterly Approved Scanning Vendor (ASV) scans, plus chat, email, and phone support.



Protect your nonprofit in case of a breach

Neon One customers enrolled in the PCI Compliance Program are eligible to receive up to $100,000 in breach coverage.




What is the Neon One PCI Compliance Program?

The Neon One PCI Compliance Program is a free program we offer in partnership with SecureTrust, a leading PCI compliance and cybersecurity vendor. It is offered to all Neon One customers and provides PCI compliance certification assistance, security scans, and access to training and resources. This program gives our nonprofit customers the tools they need to keep their data secure, mitigate credit card fraud, and protect themselves from security breaches.

Is my nonprofit required to be PCI Compliant?

While PCI compliance is not part of any law, it is an internationally used set of regulations that comes with significant penalties and costs for organizations that don’t comply with the requirements. Any organization accepting credit card transactions is required to be PCI compliant.

As a Neon One customer, you are encouraged, but not required, to participate in this program.

Is Neon One PCI Compliant?

Yes. Neon One is PCI-DSS Level 1 compliant and re-certifies annually.

If I use only Neon One products and do not accept payments elsewhere, do I still need to be PCI compliant?

Yes. All organizations accepting credit card payments are required to certify compliance with PCI standards, regardless of the tools they use. Software vendors who host payment pages, like Neon One, are also required to annually certify their compliance.

Using a software vendor that is certified PCI Compliant is an important part of the compliance process. Using Neon One’s technology in addition to certifying your organization’s own PCI Compliance is a great way to keep data protected end-to-end. 

If I don’t accept credit card payments at all, do I need to be PCI Compliant?

No. Only organizations accepting credit card payments are required to certify compliance with PCI standards.

What does the Neon One PCI Compliance Program include?

When you sign up for Neon One’s PCI Compliance program, your organization immediately receives access to a SecureTrust compliance account and its merchant portal. By creating a SecureTrust account, your organization receives the following:

– Self-Assessment Questionnaire (SAQ) assistance
– Quarterly Approved Scanning Vendor (ASV) scans
– 24/7 phone, chat, and email support
– Training resources
– Policy templates
– $100,000 in data breach protection

How much does the PCI Compliance Program Cost?

Enrollment into the program is free for all Neon One customers.

Does using Neon Pay cover my nonprofit in the case of a data breach?

While Neon Pay provides encrypted, tokenized credit card processing, it does not protect your organization from all angles. Along with using a secure, encrypted payment processor, making sure your organization is handling sensitive data correctly and has the right technology policies in place, in accordance with industry standards, is the best defense against data breaches.

How does Neon One offer this program?

Neon One partners with SecureTrust, a leading cybersecurity and compliance firm, to bring this program to our customers. When you enroll in the Neon One PCI Compliance program, a SecureTrust account is created for your organization.

How do I enroll in Neon One’s PCI Compliance Program?

To enroll in the free PCI Compliance program, log in to the Neon One Portal and click the PCI Compliance menu option. Click Enroll Now to designate a PCI Compliance Contact at your organization. This should be a technology administrator or someone at your organization who is responsible for managing the technology systems you use. Our partner, SecureTrust, will provide login credentials and access to their compliance portal via email within 24 hours. Certification guidance, security tools, training materials, policy templates, and more, are all available in the SecureTrust portal as long as you are enrolled in the program.

My organization hasn’t certified PCI Compliance before. What does this process look like?

Certifying compliance with a SecureTrust account consists of three main steps.

1. Complete your Business Profile information
2. Set up quarterly Approved Scanning Vendor (ASV) scans
3. Complete the Self-Assessment Questionnaire (SAQ) and Attestation of Compliance (AOC)

The SecureTrust support team is available 7 days a week to answer any questions you have before, during, or after the compliance certification process.

Can I enroll in this program if I’m not a Neon One customer?

No. Our program is currently available only to Neon One customers.

How often does my organization need to certify compliance?

PCI compliance must be certified each year. When you certify compliance, the certification is valid for one calendar year, after which it expires. SecureTrust will notify your main PCI Contact of the upcoming expiration date and guide you through the process of re-certifying compliance. Luckily, all of your previous information is stored.

Can I add other members of my organization as SecureTrust users?

Yes. Your PCI Contact can create additional users in the SecureTrust portal, and those users receive full access. Note that these users will not be synced to Neon One Portal.

Can I update my main PCI Contact on file?

Yes. Your PCI Contact can be updated in the SecureTrust portal. This update will then be synced to Neon One Portal and reflected on the PCI Compliance page.

How do I cancel this service?

If you would like to cancel your SecureTrust service through the Neon One PCI Compliance program, please reach out to your Neon One support team or account representative, and we will arrange the deactivation with SecureTrust.

Where can I find more information about PCI Compliance?

Our PCI Compliance program through SecureTrust offers 24/7 support from PCI Compliance experts. If you’d like to learn more about PCI Compliance on your own, we recommend visiting the PCI Security Standards Council’s website and resource library.