Skip to content
English
Go to Table Needs
  • There are no suggestions because the search field is empty.

How to Complete Your Annual PCI Compliance Survey

Every business that accepts credit or debit cards is required to complete an annual PCI compliance survey. This survey confirms that your business handles card data safely and meets the security standards set by Visa, Mastercard, American Express, Discover, and JCB.

Your payment processor, Global Payments (via Banc Card), manages this process through a tool called the PCI Compliance Tool. You'll receive an email from support@pciapply.com with the subject line "Annual PCI Compliance – Welcome" — it won't mention Table Needs or Banc Card, but it's completely legitimate.

This guide walks you through the entire survey, step by step. Set aside about 15–20 minutes for your first time. Every year after that, it goes much faster since you're mostly confirming nothing has changed.

Before You Start

You'll need two things from the email you received:

  • Your Merchant ID (listed near the top of the email)
  • Your Password: Last 5 digits of your Merchant ID followed by your capitalized state abbreviation. For example, if your Merchant ID ends in 23456 and you're in Alabama, your password would be 23456AL.

Step 1: Log In and Set Up Your Profile

Go to www.pciapply.com/globalpayments and log in with the credentials from your email.

The first time you log in, you'll see an Update My Profile screen. Fill in your first and last name, then create a new password and choose a security question. Your new password must be at least 8 characters and include at least 1 number, 1 letter, and a special character like "-" or "!". It cannot contain the characters < or >.

Click Submit when you're done.

PCI-1 Log In_v2

Step 2: The Welcome Page

After logging in, you'll land on the Welcome to your PCI Compliance Tool page. This is your home base — it shows the five steps you'll work through:

  • Merchant Information
  • Questionnaire Selection
  • Questionnaire and Network Scan
  • Review and Sign
  • Print Reports

Click the Get Started button in the bottom-right corner to begin.

PCI-2 Welcome_v2

Step 3: Merchant Information

This step has four parts. Here's how to work through each one.

Part 1 — Verify Your Business Info

You'll see your business name, address, phone number, and contact details pre-filled. Check that everything looks correct. If anything needs updating, click the Edit button in the top-right corner of the section.

You'll also see a question asking if your organization is a service provider. Select No.

PCI-3 Merchant Info_v2

Part 2 — Payment Channels

This section asks about how your business accepts payments. For most Table Needs customers:

  • Check the box for Card-present (this means customers tap or swipe a card at your counter)
  • Leave Mail order/telephone order (MOTO) and E-Commerce unchecked unless you also accept payments through those channels
  • "Do you electronically store or transmit consumer account data?" — Select No
  • "Are any payment channels not included in this assessment?" — Select No

Click Save.

PCI-4 Payment Channels_v2

Part 3 — Relationships

This section asks about third-party service providers. For most Table Needs customers, the answer to all three questions is No:

  • "Do you have relationships with third-party service providers that handle your account data?" — No
  • "Do you engage third-party service providers managing system components within your PCI DSS assessment scope?" — No
  • "Do you work with third-party service providers that could impact the security of your Cardholder Data Environment?" — No

Click Save.

PCI-5 Relationships_v2

Part 4 — Processing Solution

This section asks how you process credit cards.

Select P2PE from the icons. (P2PE stands for Point-to-Point Encryption, which is the encryption method your PAX terminal uses.)

Two follow-up questions will appear:

  • "Do you store any sensitive cardholder data electronically?" — Select No
  • "Does your business use network segmentation to affect the scope of your PCI DSS environment?" — Select No

A P2PE section will expand below. Click Add Solutions, and a pop-up will appear. Fill in the four dropdown fields:

  • P2PE Solution Provider: Global Payments Direct, Inc.
  • P2PE Solution: Global Payments P2PE
  • Reference Number: 2022.00056.003
  • P2PE Devices: PAX Computer Technology (Shenzhen) Co Ltd

If your specific device doesn't appear in the dropdown, click the link that says "click here to type it in manually."

Click Save in the pop-up.

PCI-6 Processing Solution_v2

 

PCI-7 P2PE Solution_v2Step 4: Agree and Continue

After saving your Processing Solution, you'll see your P2PE details listed in a summary table.

Check the box that says "I have read and agreed to the end-user license agreement" and click Save & Continue.

A confirmation pop-up will appear asking you to confirm your eligibility to take the P2PE questionnaire. Read through the four statements, check the box that says "I agree that the statements above are true", and click Continue.

PCI-8 Save Processing Solution_v2

PCI-9 Confirm Eligibility_v2

Step 5: Complete the Questionnaire

You'll now see the Questionnaire P2PE page. It has four sections: Protect Stored Account Data (3 questions), Restrict Physical Access to Cardholder Data (8 questions), Support Information Security with Organizational Policies and Programs (10 questions), and Progress Report and Charts.

Click Start Questionnaire to begin.

For each question, you'll see response options: In Place, In Place with CCW, Not in Place, and Not Applicable. For most Table Needs customers using our standard setup, the correct answer to each question is In Place. This confirms that your business follows the required security practices.

If you hover over the info icon next to any question, you'll see a tip explaining what it means.

Work through all three sections, selecting In Place for each question. When you've finished the last section, click Continue.

You'll see a summary page showing a Pass badge next to each section. Click Continue to move on.

PCI-10 Start Questionnaire_v2

PCI-11 Questionnaire Section 1_v2


PCI-13 Questionnaire Menu_v2

Step 6: Review and Sign

This is the final step. You'll see a review page with a summary of your answers.

Part 2B — Transaction Processing

Confirms your P2PE processing details. If anything looks off, click Edit to go back and fix it.

EMV Chip Card Question

You may see a question asking: "Is your terminal enabled to accept EMV chip cards?" Click Edit and select Yes.

Part 3A — Confirmation of Compliance

Read through the four compliance confirmation statements. These confirm that your self-assessment was completed accurately and that your payment system does not store sensitive authentication data after authorization. Check all four boxes.

Part 3B — PCI DSS Validation

This section will show a Compliant badge. Enter your name in the Merchant Executive Officer Name field, your title in the Title field, and the last 4 digits of your Tax ID or Social Security number in the final field.

Click Submit.

PCI-14 Questionnaire Section 2_v2
PCI-15 Questionnaire Section 3_v2

Step 7: You're Done

After submitting, head to the Documents tab at the top of the page. You'll see three documents available:

  • Attestation of Compliance — your official compliance record
  • Questionnaire Answer Sheet — a record of your responses
  • Certificate of Completion — your PCI compliance certificate

You can view, print, or email any of these documents for your records.

PCI-16 Document Review_v2

 

Need Help?If you get stuck at any point, we're here. Email us at support@tableneeds.com or call/text (720) 821-4691. We'll walk through it with you.