Has anyone verified if Zoho is PCI compliant?

Has anyone verified if Zoho is PCI compliant?

We are planning on using Zoho to process payments via Authorize.net. We have everything set up and are attempting to complete the PCI DSS SAQ-A requirement for our merchant account. This requires us to prove Zoho has completed the SAQ-D for Service Providers. We need a way to verify compliance, or a copy of an attestation of compliance signed by the appropriate officer at Zoho.

I assume I'm not the first person to use Zoho to process payment, and therefore not the first to require this information as part of a PCI DSS SAQ. What have other people used? I've made a few requests to Zoho but haven't received any confirmation about the status of their PCI compliance.

One red flag came up when I called. The person I spoke to claimed that Zoho didn't need to be PCI compliant, "because we don't store credit card numbers". This is completely untrue. Even if you exchange the credit card data for a token, it is still a payment instrument, and subject to the same level of compliance as if it was the original credit card number. Perhaps this person didn't know, but if Zoho is PCI compliant then this person, who has access to a system making payments, should have been trained as part of that compliance, at least at some nominal level where they are aware Zoho has a PCI compliant security policy!


      • Sticky Posts

      • Introducing Invoice Consolidation for Offline Subscriptions

        Hello Folks, Glad to announce the feature of Invoice Consolidation for Offline Subscriptions. If you are having multiple subscriptions for your customers, now, you can send a single consolidated invoice for all the Offline Subscriptions that are getting renewed on the same date. Advantage?  Customers will be receiving single invoice instead of multiple invoices upon renewal. Also reduces your efforts in follow-up with your customers for payment collections. For Example: If Customer has Subscription

      • New feature: Create back-dated subscriptions

        Hello from the Zoho Subscriptions team. :)   We’re happy to announce that today marks the launch of a much-awaited feature: creating back-dated subscriptions!   From here on out, whenever you create a new subscription with an activation date that is earlier than the present date, you’ll no longer get an error. Instead, you'll be creating a back-dated subscription. This means that the subscription started at that earlier point in time. The next billing date will be calculated automatically based on

      • Announcement Regarding Notification Emails

        Hello Everyone! This announcement is regarding the admin notification emails which you've been receiving from the email address "support@zohosubscriptions.com". From the 1st of October, 06:00 GMT, the emails with the following subjects will be sent from "no-reply@zohosubscriptions.com". Unable to send invoice for the profile - {profile_name} Unable to process auto payments. If you have set up any filters or workflow in your email account, please add "no-reply@zohosubscriptions.com” and  “support@zohosubscriptions.com”

      • Zoho Subscriptions plugin for WordPress

        Zoho Subscriptions plugin for WordPress allows you to easily embed your plan specific checkout page in an iframe with just a few mouse clicks and without a single line of code. How can WordPress Zoho Subscriptions Plugin boost your productivity? It's now easier to embed Zoho Subscriptions checkout page in your WordPress site. Forget the old method of logging in to Zoho Subscriptions, copying a URL and scripting to make adjustments. All this can be done automatically through this plugin. A great time

      • Indian GST organisation Migration Guide

        With respect to the new GST regime releasing on July 1, 2017in India, Zoho Subscriptions Indian edition is also gearing up to make your business GST Ready. This article focuses on how to get your existing organisation in Zoho Subscriptions to migrate to the new GST regime.    Note:  Any organisation created on or after July 1, 2017 will already be GST ready. You wouldn't have to migrate your organisation. Migrating your existing organisation to support GST To migrate your existing organisation to