FLOPAY PROCESSING LLC processes and transmits cardholder data through systems that maintain PCI DSS Level 1 compliance — the highest tier of certification under the Payment Card Industry Data Security Standard. Level 1 applies to processors and merchants handling more than 6 million card transactions annually and requires an annual on-site assessment by a Qualified Security Assessor.

What this means for your business

When you process payments through FloPay Processing, the secure handling of cardholder data is our responsibility, not yours. Our certified infrastructure covers point-of-sale terminals, online payment gateways, tokenization, vaulting, and the transmission of card data to the card networks.

What we handle

Tokenization and storage of cardholder data in a PCI-validated vault
End-to-end encryption from terminal to processor
Annual on-site Level 1 audit by a Qualified Security Assessor
Quarterly external network vulnerability scans
Penetration testing and ongoing security monitoring
PCI compliance documentation for our merchants on request

What you handle

As a merchant, you are still responsible for your own physical and operational security — for example, restricting employee access to terminals, securing your network, keeping POS firmware up to date, and protecting any printed receipts that may carry card data. We provide guidance and tools to help you meet your own PCI SAQ requirements at no additional charge.

Validation and reporting

FloPay Processing’s Attestation of Compliance (AOC) and Report on Compliance (ROC) summary are available to merchants and their auditors on written request. Contact us at the address below.

Contact

For PCI documentation requests, security disclosures, or compliance questions:

FLOPAY PROCESSING LLC
Email: conroy@flopayprocessing.com
Phone: (631) 769-3994