PCI Compliance and TopsPay

Changes as of May 1, 2026

Tops and Stax (our payment processor for TopsPay) are committed to providing you with the most secure and efficient tools to manage your business when using TopsPay to process your payments through Tops.  To better support your business and simplify your annual requirements, we are transitioning our PCI compliance platform to a new solution powered by Aperia Compliance, a global leader in PCI security. Visit TopsPay PCI Compliance with Aperia for more information.


TopsPay helps you stay compliant with Payment Card Industry standards. Here's how:

Orthodontic Businesses in the Payment Card Industry

  • TopsPay offices are categorized as E-Commerce/Online businesses.
  • Orthodontic offices are considered Healthcare/Retailer businesses.

Processing transactions in TopsPay

  • After payment cards are tokenized, TopsPay uses a Virtual Terminal to process payments.

TopsPay and credit card terminals

  • TopsPay does not require credit card terminals; it allows you to save payment information offsite - this means that you don't have to worry about a credit card machine connected to a potentially insecure network.
  • Because of this you do not have to report manufacturer/model of a credit card machine when asked about your TopsPay PCI compliance.

Storing Credit Card information with TopsPay

  • TopsPay stores Credit Card information for you! It is classified as being stored by a third party.
  • With TopsPay, your website is hosted and managed by a PCI compliant provider.
  • When the Credit Card data is collected, it is collected on a PCI DDS (Payment Card Industry Data Security Standards) validated third party website.

TopsPay transactions and your business

  • Your TopsPay merchant account processes payments for your office location only. It does not process transactions on behalf of other merchants or businesses.

Involvement with third party applications

  • TopsPay does not use third party software such as Google Pay, Venmo, Cash App or Zelle.

Sharing cardholder data with third party service providers

  • What goes in TopsPay stays in TopsPay! TopsPay does not share credit card information with any third party service providers.

TopsPay and network segmentation

  • Tops practices do not have dedicated network for using TopsPay; therefore TopsPay does not utilize network segmentation.

Should you have any questions please contact [email protected] for assistance.

Did this answer your question? Thanks for the feedback There was a problem submitting your feedback. Please try again later.

Related Articles