QuickBooks users can stay in compliance with credit card industry security requirements by enabling security around who can view, add, or edit your customers’ credit card numbers.
Individual users can be included or excluded from accessing customers’ sensitive credit card information. Also, for the company accountant, there is a user type called External Accountant. When this type is assigned to your accountant, she cannot view these sensitive customer credit card numbers.
Additionally, when enabled, you can track which user viewed, edited, added, or removed a customer’s credit card number with the Credit Card Audit Trail report.
These three steps provide an overview of how to use this feature correctly:
- Enable the customer credit card protection feature.
- Select which users are given security rights to view the credit card numbers and which users are not given this privilege.
- View the new Credit Card Audit Trail report to track viewing, editing, adding, and deleting activity with your customers’ credit cards.
The first step to viewing details on the Credit Card Audit Trail report is to enable Customer Credit Card Protection in QuickBooks. To do so, follow these steps:
- Log in to the data file as the Admin user. From the menu bar, select Company, Customer Credit Card Protection.
- Click the Enable button to open the Customer Credit Card Protection Setup dialog box. Type a complex password. The complex password must be at least seven characters, including one number and one uppercase character. For example, coMp1ex is a complex password. This complete password now replaces the previous Admin password.
- You are also required to choose a Challenge Question from the drop-down menu and provide an answer to a question. This question will be used to reset your password if you forget it. Click OK.
- A message box opens letting you know the next steps and that you will be reminded in 90 days to change the password. Click OK.
- QuickBooks notifies you that you have enabled Customer Credit Card Protection and details how to allow access by user to the credit card numbers (see step 6). Click OK. You are returned to QuickBooks logged in as the Admin user.
- To select which employees have access to view the full credit card numbers, or to add or change customer credit card numbers, from the menu bar select Company, Set Up Users and Passwords, and select the Set Up Users option.
- The QuickBooks login dialog box displays, requiring you to enter the Admin password to gain access to user security settings. Click OK to open the User List dialog box.
- Select a username and click the Edit button. (Optional) Edit the username or password, or click Next to accept these fields as they are.
- The Access window for the specific user opens. Choose the Selected Areas of QuickBooks option. Click Next.
- The Sales and Accounts Receivable access options display. Choose either Full Access or Selective Access; either of these choices combined with a checkmark in the View Complete Credit Card Numbers box (as shown in the image below) enables the user to view and add, delete, or modify the credit card number. If no checkmark is placed, the user sees only the last four digits of the customer’s credit card when recording transactions that use this sensitive information.
- Click Finish if this is the only setting you want to modify, or click Next to advance through additional security settings.
You have now properly enabled the customer credit card protection and granted or removed user access to these confidential credit card numbers.
–> Tip: When creating a login user for your accountant, select the user type External Accountant. By default, this user type cannot view your customers’ stored sensitive credit card numbers.
With this feature enabled, your data file is now tracking critical user activity about your customers’ credit card numbers. QuickBooks records when the credit card security was enabled, and maintains records of when a user enters a credit card number, modifies a credit card, or even views the credit card audit trail report. As shown here:
This Customer Credit Card Audit Trail report is always tracking customer credit card activity as long as the feature remains enabled. This report can be viewed only by logging into the file as the Admin user. However, you can use your mouse to select all or part of the report and then press Ctrl+C to copy the report to the Windows Clipboard. You can then paste the report into Excel or another program if you want to search or filter the report.
If you want to disable this setting, you must first log in to the data file as the Admin user, enter the complex password that was created when you enabled the protection. From the menu bar, select Company, Customer Credit Card Protection, and select the Disable Protection button. Click Yes to accept that your customers’ credit card number viewing, editing, and deleting activity by QuickBooks users is no longer being tracked for audit purposes.