When you sign up for Storable Payments, you are required to comply with the Payment Card Industry Data Security Standard (PCI DSS), which helps protect your business and your customers’ payment data. PCI compliance is critical to help your business avoid fines and penalties, minimize fraud and liability, and improve trust with your clients. To support you in this process, Storable partners with ControlScan by VikingCloud, a PCI compliance partner that offers tools and resources to help you meet these requirements.
Storable ID with Multi-Factor Authentication may be required for enhanced security and compliance. For instructions enabling Storable ID, visit our Help Article for step-by-step guidance.
For common FAQs associated with PCI compliance, see our help article.
As a reminder, you are solely responsible for your compliance with all applicable laws and regulations. If you have any questions about applicable laws and regulations, consult with your legal counsel.
Jump to each section of this article using the links below:
Log into VikingCloud Directly in Portal
Log into VikingCloud through email
Complete Your Business Profile
Setting up a PCI Scan with VikingCloud
Log into VikingCloud directly in Portal
If you already have a VikingCloud account, you can login directly in their portal. Go to https://complywithpci.com/safemaker/login/portal, enter your MID / username & password and click Login.
Note: If you forgot your password, click Forgot password. Enter the username and email associated with your account and click Submit. Make sure to input the same email that was initially used to set up your merchant account. This is also the email address where you may have received other messages related to PCI compliance.
Note: If you forgot your username, click Forgot username. Enter the email and MID associated with your account and click Submit. Make sure to input the same email that was initially used to set up your merchant account. This is also the email address where you may have received other messages related to PCI compliance.
You should have also received a welcome email titled “Welcome to your PCI DSS Program” from notifications@complywithpci.com when you first activated your Storable Payments account. That message includes your login details and helpful information about your compliance program
Log into Viking Cloud through welcome email
You will receive a welcome email at the Merchant Account Administrator/Owner email address you used to sign up for Storable Payments. The email will be sent from notifications@complywithpci.com. This email will contain the Merchant ID/Username you will use for your account(s).
Click Log in here to log into the portal and complete the necessary tasks.
You will receive a second email with a link to set your password. Click Set Password here from the email.
Please note: If the password link has expired, log in with your Merchant ID/ username and click Forgot password. Make sure to input the same email that was originally used to set up your merchant account.
Complete your business profile
Completing your business profile provides the tool with a comprehensive understanding of your cardholder data environment. The answers shown below are standard responses for how most of our clients interact with our software. It is imperative that you, as the merchant, answer the questions accurately with respect to your processing environment. Consult with your legal counsel with respect to any questions you have about applicable laws and regulations.
Once you’re logged into the online portal, click Manage in the Your business profile section.
Check I understand the statement about the updated profile process and click Next.
Select Guide Me to use the profiling tool to help determine the scope of your PCI DSS compliance requirements. Click Next.
Select the Yes radio button to indicate that you have a relationship with a payment service provider (Storable Payments) and click Next.
Click Add your own Third Party Service Provider and enter Storable Payments. Click Next.
Click Add and type Storable Payments as your Third Party Service provider. Click Next.
Select the No; your organization doesn’t provide payment related services. Click Next.
Select the processing methods you use
- Select Virtual Terminal for processing payments through Storable Edge
- Select Ecommerce for processing payments through your website
- Select Payment Terminal for Card swiper/EMV device payments
Click Next.
The following questions may or may not appear depending on how you answered the previous question.
Select how credit card numbers are entered in the virtual terminal (Storable Edge). Click Next.
Select how the payment page is implemented on your website:
- If you have a website from Storable, select Entire internet presence outsourced
- If your website is built by another company but Storable provides the payment page, select Payment Page Entirely Outsourced.
- If your website is built by another company, send us the payment data for processing, select Payment page partially outsourced.
- If you’ve built your own payment page, select Direct Post.
Click Next.
Select whether your business stores credit card numbers electronically. If you do not store credit card numbers outside of Storable Payments, select No. Click Next.
Select Yes, you have a relationship with a 3rd party service provider who manages system components (Storable).
Select Yes; Storable Support provides remote support. You may also have other vendors that provide remote support; please answer accordingly. Click Next.
Select No; your business does not allow remote administrative access. Click Next.
Select Yes or No, depending on your business’ password policy. Click Next.
Select Yes to agree with the eligibility statement and click Next.
For assistance with scanning and security assessments, we recommend contacting Control Scan directly.
Storable ID with Multi-Factor Authentication may be required for enhanced security and compliance. For instructions on enabling Storable ID, visit our Help Article for step-by-step guidance.
Setting Up a PCI Scan with VikingCloud
Once you’re logged into the online portal, click Manage in the Be scan compliant section.
|
If you have multiple IP addresses/computers, choose Manage multiple domains / IP addresses. If you are already PCI compliant through another company, choose Upload Results. Otherwise, click Schedule Scan. |
On the next screen, provide all required information and click Schedule Scan at the bottom. The scan will begin on your chosen date and time.
You can obtain your computer’s IP address by visiting whatismyip.com and your domain’s IP address by visiting nslookup.io.
Consult with your IT team or a qualified security professional to confirm the appropriate setup and scanning requirements for your specific environment.