GS Logo
The Green Sheet, Inc

Please Log in

A Thing
View Archives

View PDF of this issue

Care to Share?

Table of Contents

Lead Story

Doing business in the mobile channel

Patti Murphy
The Takoma Group


Industry Update

Security standards lifecycle extended

Congress approves interchange regulation amendment

New ACH rules in step with Check 21

ETA unveils new logo

Trade Association News


GS Advisory Board:
Merchant retention, taking the initiative - Part 1

Selling Prepaid

Prepaid in brief

FinCEN seeks comprehensive AML framework

Prepaid largely spared in final Durbin Amendment


Strong relationship skills obliterate obstacles

Jeffrey Shavitz
Charge Card Systems Inc.


Street SmartsSM:
Should an industry attorney review your contracts?

Ken Musante
Eureka Payments LLC

Managing your most important asset

Jeff Fortney
Clearent LLC

De-commoditize continuously to conquer a crowded market

Daniel Burrus
Burrus Research Associates Inc.

Building a PCI program that works

Tim Cranny
Panoptic Security Inc.

Digital reputation management

Peggy Bekavac Olson
Strategic Marketing

Company Profile

ROAM Data Inc.

New Products

Loyalty program, in spades

GoMo Wallet
Gold Mobile, Telcordia Technologies Inc.

Cordless retrofit for dial-up

Nebo Wireless
Nebo Wireless LLC


Turn negative thoughts into positive action



Resource Guide


A Bigger Thing

The Green Sheet Online Edition

July 12, 2010  •  Issue 10:07:01

previous next

Building a PCI program that works

By Tim Cranny

Complying with the Payment Card Industry (PCI) Data Security Standard (DSS) is rapidly becoming an unavoidable part of business for ISOs and their merchants. Most ISOs are now either putting together a PCI program or reviewing their existing solutions and partnerships.

This process deserves careful thought because the right program can increase customer loyalty and satisfaction, while a poorly designed or implemented program will drive merchants away. Here are seven lessons to consider when building a PCI program:

1. Do-it-yourself requires expertise

2. Soft costs can kill you

3. Cheap is expensive

4. Remediation is critical

5. Communication is vital

6. Customization provides opportunity

7. Portfolio knowledge aids outreach

A well-planned PCI program

Most ISOs are still coming to grips with PCI, and many are struggling with the question of how to put the right program in place. Helping merchants find the right approach reduces your legal and financial exposure, improves the security of your merchants and their customers, and deepens and improves your relationship with your portfolio.

Dr. Tim Cranny is an internationally recognized security and compliance expert and is Chief Executive Officer of Panoptic Security Inc. ( He speaks and writes frequently for the national and international press on compliance and technology issues. Contact him at or 801-599 3454.

Notice to readers: These are archived articles. Contact names or information may be out of date. We regret any inconvenience.

previous next

Spotlight Innovators:

North American Bancard | USAePay | Board Studios