The Green Sheet Online Edition
April 25, 2011 • Issue 11:04:02
Drive compliance with a PCI dashboard
Online Payment Card Industry (PCI) Data Security Standard (DSS) compliance solutions provider Panoptic Security Inc. recently launched MyPCIDashboard, an interactive, real-time PCI and risk management dashboard for ISOs, merchant level salespeople (MLSs), processors and banks. Using key performance indicators and real-time business intelligence data, the dashboard guides users through all phases of merchant PCI compliance.
"We start at a B2B level relationship," said Leslie Norris, Executive Vice President of Panoptic. "I think some of the other providers look at a merchant level relationship that happens between them, and the ISO is merely bringing merchants into the equation, which we all know is not a healthy way to manage PCI compliance, because these ISOs have a huge responsibility on them and a potential huge cost factor that can be placed on them."
More troubling, she said, is that many ISOs lack the tools necessary to manage a PCI compliance program. "We provide an online custom dashboard that enables our customers to manage instantly all of the things that are taking place in their PCI compliance program," Norris said. "When you empower the ISO with better tools to communicate directly with their own merchants, supplemented by communications from us," compliance is easier to achieve.
Panoptic's dashboard is structured around four quadrants geared toward delivery of real-time dynamic data, metrics at a glance and actionable information, whether delving deeper into data or performing outreach efforts based on collected data.
Quadrant one, compliance and validation, evaluates the entire portfolio, measuring compliance milestones for each merchant. "You can literally see by milestone where every merchant is in relationship to the compliance process, either as a group or type of groups," Norris said, adding that groups can be segmented by geography, POS system type or specific agents.
Quadrant two, merchant progress, provides tactical information. "We preload all of their accounts in advance," Norris said. "You've got these tactical progress metrics you can look at to see how well they're doing through the process, and at any time you can reach in, snag a search and filter group, and you can dynamically communicate with them on the spot. You can either do it yourself as a customer or you can tell us you'd rather have us doing it and your account manager basically monitors your population through the system."
As part of portfolio management in quadrant three, ISOs can manage outbound communications to individuals or merchant groups with preloaded templates for email, phone or direct mail that are triggered automatically as merchants progress through each stage of compliance.
The fourth quadrant allows users to download real-time, formal, industry-required reports based on payment brands, processor-specific items or customized information determined by ISO preference. Norris said ISOs can click on a payment brand to generate a payment brand report in the proper format and with the most current information.
The SAQ simplified
To expedite completion of the Self-Assessment Questionnaire (SAQ), Panoptic maintains a library of equipment templates. "We actually go in and take the variables on the SAQs that would fit that customer's merchants, and we pre-populate based on the terminal connectivity type and the system that merchant is using," Norris said. "Based on your selection of how you're processing, we have just a handful of pre-SAQ questions to make sure that you haven't reconfigured your system."
Norris said the dashboard typically pre-populates anywhere from 75 to 90 percent of the SAQ answers based on how the terminals are connected and system type, which not only improves the accuracy of answers, but reduces completion time for most merchants.
Panoptic Security Inc.
Notice to readers: These are archived articles. Contact names or information may be out of date. We regret any inconvenience.