GS Logo
The Green Sheet, Inc

Please Log in

A Thing
View Archives

View PDF of this issue

Care to Share?

Table of Contents

Lead Story

Translating tech for profit


Industry Update

UBC hopes to cash in with free program

Canadians' call for regulation rejected

Fire shuts down processor


GS Advisory Board:
Vertical market virtues - Part II

Allied vendors speak

History of payments technology

Selling Prepaid

Prepaid in brief

Incentive card usage reflects difficult economy

End-to-end payroll

Gift card legal perils - Part II


The cards, they are a changin'

Patti Murphy
The Takoma Group

Mobile payments in the mainstream

Tim McWeeney
WAY Systems Inc.

Dude's got my money: What can I do?

Theodore F. Monroe
Attorney at Law


Street SmartsSM:
Unexamined emotion, a pit bull that mangles business

Jon Perry and Vanessa Lang

Understanding chargeback rules

Ken Musante
Moneris Solutions

Seven rules of 'celling'

Dale S. Laszig
DSL Direct LLC

Moving the needle on level 4 merchants

Joan Herbig

Use technology to tighten relationships, expand revenue

Shan Ethridge
TASQ Technology Inc.

Company Profile


New Products

Self-assessment assistance

Network Merchants Inc.

Pocket-sized terminal

Way Systems Inc.


Time for a change?



Resource Guide


A Bigger Thing

The Green Sheet Online Edition

July 27, 2009  •  Issue 09:07:02

previous next

New Products

Self-assessment assistance

Product: CertifyPCI

A new software program from Network Merchants Inc. targets what is perhaps the most remediable issue with Payment Card Industry (PCI) Data Security Standard (DSS) compliance: its language.

Using questions, explanations and pictures designed to simplify what many find to be the inscrutably technical language of the PCI regulations, CertifyPCI leads a merchant through the required process of self-assessment - finding and filling out the proper self-assessment questionnaire (SAQ) - whereby it is determined whether all the right measures are in place to ensure compliance and forestall a breach.

"A lot of these merchants are very intimidated by selecting the right [SAQ] document and filling it out and feeling confident filling it out," said Nick Starai, Director of Product Development for NMI.

"What we're trying to attack is really making this process streamlined - making sure we auto-select by a couple choice questions what will make sense to the merchant to pick the right document and walk them through filling it out." CertifyPCI is a hosted software on the NMI gateway, and merchants sign up online to create accounts. No download is required; opening and closing an account simply entails returning to the same Web portal.

Find the right document, fill it out

Essentially, the service does two things. One, it helps merchants determine what SAQ to fill out (the questionnaires differ depending on merchant size and type) through a series of questions; two, it guides them through the document's questions by providing notes and pictures designed to clarify each one.

"[The questions] may be basic, like are you a retail merchant?" Starai said. "A lot of merchants still don't even know what retail means [in payments jargon]. Basically, retail might show pictures of card readers or a credit card showing you have some sort of card in your environment, whereas card-not-present or e-commerce will be a different picture. We find clients will relate a lot easier to something they're used to seeing."

Starai said the program begins by asking merchants a series of questions in "layman's language" to deduce what category they fall in and thus what questionnaire to select. Once the program selects a questionnaire, it sends one last message for the merchant to confirm (or disconfirm) that the selected questionnaire is indeed the right one. Only then does the merchant start on the form.

The service is for merchants who fall into the PCI categories of level 2, 3 or 4 (level 1 merchants - those processing more than 6 million transactions a year - are required to enlist an outside auditor for their PCI compliance checks; they don't typically use SAQs).

"Our system will ask a various amount of questions to determine what of a handful of questionnaires [to use] depending on what type of merchant you are; whether you're a retailer, MO/TO or e-commerce, our system will automatically figure out which questionnaire you should be filling out and then, in line with our Web site's [feedback], you check off the appropriate questions and answers," Starai said.

Proof of completion

When a merchant is done filling out the questionnaire, the program provides a print-out containing all of the information that's been entered, verifying a successful self-assessment and noting the deadline for the next compliance check. The program, according to its proprietors, is updated to stay in line with any changes made to the PCI regulations. "We'll keep tabs and update as needed," said Ted Cucci, Chief Operating Officer of NMI. "We're also members of the PCI Council, so we get every update. We're pretty up on PCI."

Network Merchants Inc.

Notice to readers: These are archived articles. Contact names or information may be out of date. We regret any inconvenience.

previous next

Spotlight Innovators:

North American Bancard | USAePay | Board Studios