PCI Compliance and TopsPay

TopsPay helps you stay compliant with Payment Card Industry standards. Here's how:

Orthodontic Businesses in the Payment Card Industry

• TopsPay offices are categorized as E-Commerce/Online businesses.
• Orthodontic offices are considered Healthcare/Retailer businesses.

Processing transactions in TopsPay

• After payment cards are tokenized, TopsPay uses a Virtual Terminal to process payments.

TopsPay and credit card terminals

• TopsPay does not require credit card terminals; it allows you to save payment information offsite - this means that you don't have to worry about a credit card machine connected to a potentially insecure network.
• Because of this you do not have to report manufacturer/model of a credit card machine when asked about your TopsPay PCI compliance.

Storing Credit Card information with TopsPay

• TopsPay stores Credit Card information for you! It is classified as being stored by a third party.
• With TopsPay, your website is hosted and managed by a PCI compliant provider.
• When the Credit Card data is collected, it is collected on a PCI DDS (Payment Card Industry Data Security Standards) validated third party website.

TopsPay transactions and your business

• Your TopsPay merchant account processes payments for your office location only. It does not process transactions on behalf of other merchants or businesses.

Involvement with third party applications

• TopsPay does not use third party software such as Google Pay, Venmo, Cash App or Zelle.

Sharing cardholder data with third party service providers

• What goes in TopsPay stays in TopsPay! TopsPay does not share credit card information with any third party service providers.

TopsPay and network segmentation

• Tops practices do not have dedicated network for using TopsPay; therefore TopsPay does not utilize network segmentation.