Nearly every week, there is a news story about another large retailer falling victim to a credit card data breach.

What the news doesn’t report are the many small businesses targeted by data thieves. The impact of these breaches is expensive, inconvenient and potentially financially devastating for businesses of all sizes.

A recent study conducted by the Harris Institute and sponsored by Cintas Corp. found that 2/3 of U.S. adults would not return to a business if their personal information was stolen.

Bluefin is an industry leader in payments technology. Bluefin’s PayConex gateway was the first payment solution in North America to be validated by the Payment Card Industry (PCI) Security Standards Council (SSC) as meeting the Point-to-Point Encryption Data Security Standard (P2PE) and we continue to devote much of our resources to security tools and innovation.

In addition to ensuring that our technology and procedures are secure, it is also important to keep our merchants armed with the tools and information needed to protect your business. We take a proactive approach for PCI self-review, education and insuring your business against potential loss by enrolling our clients in Bluefin’s PCI Compliance Certification Program. Learn more about what the Trustwave PCI Compliance Program includes below.


Going through the audits required for a PCI Compliance Certification can be daunting for any business. Bluefin’s PCI Compliance Assistance Program helps our customers achieve and manage their PCI compliance. Our partnership with Trustwave, a leading provider of PCI audit and scan services certified by the PCI Security Council as a Qualified Security Assessor (QSA) and Approved Scanning Vendor (ASV), provides our clients with the tools, resources and guidance to achieve compliance.

How our PCI Compliance Program Works

Once you are approved for a merchant account with Bluefin, we automatically enroll you in the Trustwave program.

  • You will receive a Welcome email from Trustwave
  • Open the email and click on the link provided to register
  • You will be taken to the portal homepage to complete the questionnaire for PCI compliance
  • Download a copy of the certificate upon completion

Trustwave will notify Bluefin of your compliance, so you don’t have to. And as part of our services to you, we offer an ongoing quality assurance program that provides our customers changes or updates to the compliance standards put forth by the payment brands, the PCI Security Council and various government entities.

PCI Compliance How it Works


While Trustwave covers how to become PCI compliant, it doesn’t answer questions of what is PCI Compliance and why it is important. We have developed PCI University, a website devoted entirely to educating our merchants on PCI Compliance and security. Within our web-based tool you will find explanations of the different types of PCI Compliance along with FAQs, articles, and videos.

PCI Compliance Video


While following PCI Compliance standards is the first step to protecting your business, there is no way to 100% guarantee that you will not be the victim of a data breach.

Trustwave’s Data Breach Protection provides an additional layer of risk reduction and financial coverage to offset the costs of a suspected or actual breach. Breach Protection is available once a merchant is enrolled as part of Bluefin’s PCI program, whether they achieve compliance or not.

Benefits of Breach Coverage

  • Protects merchants who are not yet PCI DSS compliant.
  • $100,000 in breach coverage per Merchant Identification Number (MID)
  • No out-of-pocket costs; $0 deductible
  • Covers breach expenses including:
    • Cost of a forensic investigation
    • Credit card reissuance fees
    • Punitive fines from the credit card brands
    • ADCR expenses resulting from fraudulent credit card use



On the other side of credit card data breaches is the question of “what do the credit card thieves do with the stolen data”? As a merchant, accidentally accepting a transaction on a stolen credit card can result in a chargeback as well as loss of product and other hassles. We provide guides for identifying and preventing fraudulent transactions at our merchant support page.