PCI and EMV: A Car Washer’s Guide

July 16, 2019 | Richard Carpenter

Just when car wash operators were starting to get a handle on PCI compliance, along comes EMV. And with it comes a whole new host of questions. What is EMV? Does it replace PCI? Is it mandatory?

First things first, EMV is NOT a replacement for PCI. While both work towards the same goal, they are not connected. They serve different purposes and have different requirements.

Let’s see how they differ and how both help protect merchants and customers.


pci-logo-IZHo.pngThe Payment Card Industry Security Standards Council (PCI SSC) was formed in 2006 by the five major credit card companies to create standards that ensure the secure handling of credit card information. There are 12 broad PCI requirements and 300+ sub-requirements, but here are the key points:

  • Your payment software must be validated as PCI-compliant by a qualified security assessor (QSA). You can search the list of validated applications on the PCI website.
  • A self-assessment questionnaire (SAQ) provided by your acquirer must be completed annually. The SAQ is complex, but a simpler version can be used if PCI-compliant Point-to-Point Encryption (P2PE) is in use. This technology securely encrypts card data from the card reader and decryption (to clear text) occurs at the processor. Merchants must use a product that has been validated to PCI standards to use the reduced SAQ.
  • A quarterly network scan must be completed. This service is typically offered by the acquirer (using a 3rd party) who remotely accesses the car wash location to ensure there are no security vulnerabilities. The scan identifies weak points in your network externally (firewall) and internally (malware). 

Compliance requirements are defined by the payment card brands and are applied by acquirers. As such, your merchant account acquirer is the best resource for compliance questions and guidance.


EMV stands for Europay, Mastercard, Visa, the three companies that created the global standard for chip-based debit and credit card transactions. While an EMV transaction uses the same card data as a magnetic stripe transaction, it also includes an encrypted data element (or cryptogram) which changes in every transaction. The cryptogram is generated by the chip on the EMV card and cannot be produced by a fraudulent card.

EMV is optional. However, not deploying EMV technology can put you at greater risk for financial loss from chargebacks. Also, you should consider consumer perception. Consumers are now familiar with EMV and may consider magnetic stripe processing as unsafe or outdated.

Better Together

PCI compliance helps protect credit card data that is stored, processed, and transmitted, but it doesn’t do anything to validate a specific card transaction. EMV prevents businesses from accepting counterfeit cards but doesn’t do anything to protect credit card data after the swipe. Consequently, EMV isn’t a substitute for PCI compliance, and PCI isn’t a replacement or catchall for EMV. The two combine to improve overall credit card security.

When selecting a point-of-sale system for your car wash, payment security should be top of mind. Ask any vendor you are considering how their system will help you maintain PCI compliance. Be sure to verify through the PCI website that the software has been validated. Additionally, you’ll want to consider EMV and whether your POS provider can support it. Taking the time to do the proper due diligence from the start can save you from compliance headaches and financial losses in the future.

About Richard Carpenter

Rich has spent his career bridging the gap between customers and product development. He works closely with car wash operators, C-Stores, distributors and manufacturers to help DRB develop powerful solutions to meet their needs and drive ROI. LinkedIn

More posts by Richard

Related Content

Credit cards

Blog Post

Harness the Benefits of EMV for Your Car Wash

August 28, 2023

EMV technology has emerged as a global standard for credit card transactions, offering smarter and more secure transactions.

Read more
Array of colorful EMV credit cards


IBA EMV - Harnessing the Benefits of Secure Payment Technology

August 22, 2023

In this webinar we provide a deeper understanding of EMV technology for in-bay automatics and its vital role in securing transactions.  Read more

Screen with data on it


Gain Control of Wash Management

August 17, 2023

This webinar looks at three core areas of Patheon® that can revolutionize your operations and boost your success.

Read more
Translucent arrow decoration

Don't Miss a Post

Subscribe to our monthly Soapbox newsletter that includes all of our latest blog articles, plus events, news and more.

Air bubbles in blue water