
PCI Compliance

What PCI compliance is, how Carpay dealers complete required PCI questionnaires, and how to avoid non-compliance fees.

This article explains what PCI compliance is, why it matters for your dealership, and how you can remain compliant when accepting credit and debit card payments through Carpay.


What Is PCI?

PCI stands for Payment Card Industry. "PCI compliance" means compliance with the Payment Card Industry Data Security Standard (PCI DSS).


PCI DSS is a global security standard created by the major card networks (including Visa, Mastercard, American Express, Discover, and JCB) to protect cardholder data when it is stored, processed, or transmitted. All merchants that accept card payments must comply with these standards.


Carpay and PCI

If Carpay provided you with a merchant account, you must complete a PCI compliance questionnaire to remain compliant with the card brands (Visa, Mastercard, etc.).

PCI Compliance timeline

  • You have 90 days (3 months) from merchant account approval to complete the PCI compliance questionnaire.

  • If you do not complete the questionnaire within 90 days, you will begin to be charged a non-compliance fee of $74.95 per month.

  • The fee may increase over time if the questionnaire remains outstanding past the grace period.

  • Once you complete the compliance questionnaire and receive your certificate of compliance, your merchant account will remain compliant for 1 year from that date, and the non-compliance fee will be waived during that period.


How to complete your PCI Compliance questionnaire

Most merchants use the online compliance portal included with their merchant services. For example, most merchants can access the PCI compliance tools by visiting Secure Trust and completing the required questionnaire.

You can access the Secure Trust portal by using this link.

If you have multiple merchant IDs or need help with compliance registration, contact Carpay Support.


Why PCI Compliance matters

PCI compliance is intended to protect cardholder payment information and prevent fraud. Becoming and staying PCI compliant helps your dealership:

  • Protect customer card data from breach

  • Maintain good standing with card networks and processors

  • Avoid fines or additional fees associated with non-compliance

  • Demonstrate commitment to secure payment handling

PCI DSS is a set of technical and operational requirements designed to keep card data secure throughout processing and storage.


Ongoing compliance

Maintain compliance by:

  • Completing the required questionnaire on time each year or as required

  • Following your payment processor’s guidance for any scans or self-assessment surveys

  • Keeping any PCI-related accounts active and up to date

Failure to complete compliance requirements can result in monthly non-compliance charges and risk to your ability to process card payments.
