GS Logo
The Green Sheet, Inc

Please Log in

A Thing
View Archives

View flipbook of this issue

Care to Share?

Table of Contents

Lead Story

Untangling the legal side of acquiring


Industry Update

NACHA seeks input on QR codes

It's anonymous mobile payments for Amazon

Accord reached on EMV liability shift

Breach exposes 2.4 million cards

Selling Prepaid

Prepaid in brief

The promise of prepaid MDC

New approach urged for cross-border enforcement


The new PCI SSC guidelines: Separating the cloud from the fog

Kurt Hagerman
FireHost Inc.

Get ready for the mobile revolution

Michael Gavin
Merchant Warehouse


Street SmartsSM:
Think like an aggregator

Dale S. Laszig
Castles Technology Co. Ltd.

Impact of EMV and NFC on acquiring

Jim Bibles
Aperia Solutions

Training customized for you

Bill Pirtle
C3ET Credit Card Consortia for Education & Training Inc.

Company Profile



Meet The Expert: Ross Federgreen

New Products

Versatile storefront, mobile merchant app

AprivaPay Plus
Apriva LLC


Conform, with style


Readers Speak

Resource Guide


A Bigger Thing

The Green Sheet Online Edition

May 13, 2013  •  Issue 13:05:01

previous next

Meet The Expert: Ross Federgreen

Ross Federgreen, founder of data security firm CSR, is a busy man. His data security expertise is sought by national and international organizations, such as the United States Senate, the U.S. Agency for International Development and a number of multinational corporations.

As well as being on the advisory board of The Green Sheet, Federgreen is on the board of the International Association of Privacy Professionals and is a member of the Electronic Transactions Association's Data Security Task Force.

That's quite a resume for a man with a background in what at first glance seems like a completely unrelated field: the science of medical economics and health care claims reimbursements.

It was 1999 and Federgreen, who has a doctorate from Yale University, was searching for greener pastures to apply his expertise.

At the top of his industry wish list were waste output, electricity auditing and payments - all regulated industries in which protecting third-party personally identifiable information (PII) is a priority.

Federgreen said he chose payments because "most ongoing regulations are related to payments. Payments are at the core of what is keeping people in business." He thus formed CSR with a straightforward business model - to offer compliance remedies for regulatory headaches.

Help for PCI and SAQs

CSR creates compliance and business solutions to reduce risk and facilitate compliance with data security regulations, such as the Payment Card Industry (PCI) Data Security Standard (DSS).

The company owns what it believes to be the only patented PCI compliance product, called PCI ToolKit, which allows merchants to complete annual PCI DSS self-assessment questionnaires (SAQs) and demonstrate PCI DSS compliance.

The toolkit guides merchants through the SAQ process with simple questions written in layman's terms and focused specifically on the retailer's particular business.

When the program finds an item of noncompliance, weakness or risk, it notifies the merchant of the problem and dispenses remediation instructions and deadlines.

CSR has several more patent applications pending for its compliance solutions. One patent application covers the CSR Breach Reporting ToolKit, a solution to help companies meet federal, state and other regulatory requirements following a system breach and data loss.

CSR also markets an ISO Optimization Program, a consulting service to help ISOs identify organizational weaknesses and improve productivity, save money and reduce risk.

"These are incredibly important value-added services for relationships with ISOs and acquirers," Federgreen said. "These services tend to bring stability to the acquirer relationships.

"We offer more than just payment services. Privacy is a global issue. These products give the merchant and provider and their partners the leading edge in PII issues over time."

Notice to readers: These are archived articles. Contact names or information may be out of date. We regret any inconvenience.

previous next

Spotlight Innovators:

North American Bancard | Simpay | USAePay | Impact Paysystems | Board Studios