Frequently Asked Questions

How is JLE Consultants different from working with my bank?

Your bank outsources credit card processing. It’s a side business for them and an additional source of income. At JLE, this is all we do. We assist with making your payments secure and lowering your overall cost to process cards, while supporting your customer service needs on a personal basis.

How much does it cost to set up payment processing for my company?

JLE offers a free assessment of your business needs. There are no contractual obligations to working with us, just fair-honest pricing and a solution that fits your needs. In 99% of cases, you will save significant amounts of money by working with JLE. Any equipment that may be necessary to purchase is done so at ‘our’ negotiated costs.

How long does it take for JLE Consultants to set up my Payment Processing?

Once the initial assessment is completed, JLE can have you up and running with your custom fit payment processing solution within 7-8 business days.

What is PCI Compliance and why is it important?

Payment Card Industry (PCI) Compliance is adherence to a set of specific security standards that were developed to protect card information during and after a financial transaction. By completing your PCI compliance with a “Passing” status, you are adhering to standards set forth by the PCI Security Council that will help to prevent the theft of your sensitive credit card data.

PCI Compliance is not a legally mandated requirement. There are many companies that are not compliant. These companies however are charged on a monthly basis for being out of compliance and if there is a breach of credit card data, the fines are significantly higher. Fines from the individual card brands can be as high as $500,000. Being in compliance is the best business practice when it comes to accepting credit card payments.

Here’s a good resource for more detailed information https://www.pcisecuritystandards.org/

How many times do I have to complete my company’s PCI Compliance Questionnaire?

A PCI Compliance certification should be done on an annual basis, or when processing systems and equipment are updated.

What SAQ do I take?

Below are the different levels of PCI compliance based on the method of credit card acceptance:

  • Card-not-present merchants (e-commerce or mail/telephone-order) that have fully outsourced all cardholder data functions to PCI DSS validated third-party service providers, with no electronic storage, processing, or transmission of any cardholder data on the merchant’s systems or premises. Not applicable to face-to-face channels.
  • A-EP* E-commerce merchants who outsource all payment processing to PCI DSS validated third parties, and who have a website(s) that doesn’t directly receive cardholder data but that can impact the security of the payment transaction. No electronic storage, processing, or transmission of any cardholder data on the merchant’s systems or premises. Applicable only to e-commerce channels.
  • Merchants using only:
    • Imprint machines with no electronic cardholder data storage; and/or
    • Standalone, dial-out terminals with no electronic cardholder data storage. Not applicable to e-commerce channels.
  • B-IP* Merchants using only standalone, PTS-approved payment terminals with an IP connection to the payment processor, with no electronic cardholder data storage. Not applicable to e-commerce channels.
  • C-VT Merchants who manually enter a single transaction at a time via a keyboard into an Internet-based virtual terminal solution that is provided and hosted by a PCI DSS validated third-party service provider. No electronic cardholder data storage. Not applicable to e-commerce channels.
  • Merchants with payment application systems connected to the Internet, no electronic cardholder data storage. Not applicable to e-commerce channels.
  • P2PE-HW Merchants using only hardware payment terminals that are included in and managed via a validated, PCI SSC-listed P2PE solution, with no electronic cardholder data storage. Not applicable to e-commerce channels.
  • SAQ D for Merchants: All merchants not included in descriptions for the above SAQ types. SAQ D for Service Providers: All service providers defined by a payment brand as eligible to complete a SAQ.
What does “out of scope” mean as it relates to my PCI Compliance?

“Scope” refers to the parts of the company’s network that are affected when processing a credit card transaction and as a result, are subject to PCI Compliance. By processing credit cards in a P2PE (Point-To-Point Encrypted) environment, card processing is taken outside of the network, or “out of scope”.

Can I be PCI Compliant without the security scan?

If your organization processes cards through an internet connection, a security scan of the network is usually required on a quarterly basis. The only way to avoid this scan is by implementing a P2PE (Point-To-Point Encrypted) system.

Can I store credit card numbers and still be PCI Compliant?

Storage of credit card numbers can be done as long they are stored in a tokenized format and entered within a P2PE environment.

Can JLE’s payment processing solutions integrate with our accounting software or ERP?

JLE integrates with Quickbooks and Sage accounting software at all levels. We also integrate with Microsoft, Oracle, and SAP built ERPs.

Have a question you don't see here?

Use this form to ask us!