No. Square complies with all required PCI standards, so Square account holders do not need to validate PCI compliance for information given to Square. With Card on File, you don’t have to worry about handling your customer’s sensitive information or storing any paper forms.
It’s a violation of PCI standards to record a customer’s security code, which is why there isn’t a space for it. If you’d like to manually input a payment, you’ll need to request the security code directly from the seller each time you input the card. If you take advantage of Square’s Card on File feature, you don’t have to manually input the security code.
Adding a customer to an open ticket will also associate their payment card on file. When you’re ready to close a ticket, tap Charge > Under the Card on File tender type, select from the customer’s cards on file > complete the payment.
When using Square’s eCommerce API or Customers API to store cards on file, you can use these cards to complete payments with both the Square app and Square Invoices (and vice versa). Square’s APIs, the app and Invoices all use the same infrastructure to support Card on File.
Once a card on file expires, you or your customers will need to unlink the card information from their profile in your Customer Directory under Edit Personal Information. After this has been done, the new card information can be updated at any time. If you attempt to run an expired card on file with Square POS app, the payment will be declined.