MyRec.com Knowledge

Contact us
Home New to MyRec.com? 7. Finance Finance

Completing PCI Compliance

Administrator

Last Update: October 23rd, 2024

In order to remain PCI compliant, you must now complete quarterly scans. This is in addition to the annual questionnaire you have been completing.

These scans are crucial to ensure the ongoing security of your processing environment. Please note that the PCI requirement was mandated by the card brands Visa and Mastercard.

At the start of the compliance questionnaire, you must select your processing environment. If you are only using MyRec.com on the approved merchant account (defined below), your environment will be “Online / E-Commerce.” Please do not select other environments, if you are using the USB swiper that does not qualify as “POS or Credit Card Terminal.” If you are using the software with an EMV Device, please email merchantservices@myrec.com for further instructions. 

Scanning Options 

  1. Scan your department IP address (recommended) 
    1. This should be the option you select
    2. However, if your department has concluded that scanning, and the MyRec.com site is the preferred method, please see the instructions in the following section
  2. Scan the MyRec.com Site

Scanning the MyRec.com Site

If you choose to scan our site, please complete the following: 

  • URL for Scan: The URL to input is secure.myrecdept.com 
  • Scheduling the Scan: You will be presented with an option to schedule a scan
    •  Please do not schedule the scan, as our secure site will not permit it
      • You will need to do a manual scan
  • Manual/Upload Scan Update: Find the option for a manual/upload scan update
    • Once you have selected the manual option, use or download the secure scan report provided below

Important Details for Manual Upload 

When performing the manual upload, you may be asked for the following information:

  • Scan Type: External Vulnerability Scan
  • Document Date/Scan Date: Found on the provided document as the date the scan was completed
  • ASV Provider: MegaplanIT Holdings LLC

Completing the Scan 

After initiating the manual scan, it will take a few hours for the review and confirmation of the scan results.

Post-Scan Requirements 

Once your scan is approved, remember:

  • Quarterly Completion: You must complete this process every quarter, starting from the day your scan is approved
    • MyRec.com will update this article quarterly with the newest scan results
  • Compliance: Completing the scan does not automatically mean you are PCI compliant
    • Ensure you follow all steps requested by your processor and obtain your PCI certification as confirmation

Additional Notes 

MyRec.com does not require a copy of your PCI certificate

  • This is specific to your processor

Certification Importance: The PCI certificate is essential to indicate compliance and avoid penalty fees

 

Glossary 

Merchant Account: Your payment processor establishes a merchant account on your behalf to accept card payments from your customers. If your department uses MyRec.com as the payment processor please follow the instructions above. If you use a 3rd party processor and you take payments using other methods on that approved merchant account (for example: Your rec department uses MyRec.com but on that same account the town uses a different software to collect tax payments). Please speak with your processor and PCI team to confirm you are taking the correct PCI questionnaire. 

 

Related Articles

PCI Compliance

What is PCI Compliance? Payment card industry (PCI) compliance is mandated by cre...

Account Payment Plans (APPs)

Account Payment Plans (APPs) allow members to pay on existing balances that are i...