Payments Info

PCI & Funding

-

Prime Merchant Group


Effective Date: October 6, 2025
Who we are: Prime Merchant Group, LLC (“PMG,” “we,” “us”)
Contact: sales@primemerchantgroup.com


PCI & Security

How card data is handled. PMG’s gateway is powered by NMI, a PCI DSS Level-1 certified provider. We use tokenization and hosted components to minimize your PCI scope. PMG and NMI do not store full PAN in clear text.

Your responsibilities. You must:

  • Maintain PCI DSS compliance annually and complete the appropriate SAQ (e.g., SAQ-A for fully hosted/redirect; SAQ-A-EP where your code can affect the payment page; your exact SAQ depends on your integration).
  • Never store full card numbers, CVV, or sensitive authentication data in logs, emails, or tickets.
  • Use strong access controls for your staff and any vendors.
  • Run vulnerability scans/patches as required by your SAQ and environment.
  • Notify sales@primemerchantgroup.com immediately if you suspect a compromise.

Helpful tips.

  • Prefer Hosted Payment Fields/redirect to reduce scope.
  • Limit who can access the gateway and enable MFA where available.
  • Scrub support tools and web server logs of card data.


Funding & Deposits

Who controls deposits. Your Acquirer (and its designated processors) controls settlement and deposit timing. PMG/NMI do not hold merchant funds.

Cadence & cut-offs.

  • Typical schedule is T+2 business days; T+1 or instant may be available subject to eligibility and fees.
  • Cut-off times, weekends, and bank holidays can shift deposit dates.
  • Your Acquirer may place reserves/holds or adjust funding for risk, disputes, or ACH returns.

Where to manage funding.
Update funding accounts, view cut-offs, or request accelerated funding in your Acquirer portal or through your Acquirer representative.

Related policies & support

Disclaimer

This page summarizes common PCI and funding practices for PMG’s gateway. Your Acquirer agreement and card-brand rules control in the event of a conflict.