GS Logo
The Green Sheet, Inc

Please Log in

Banner Ad
View Archives

View flipbook of this issue

Care to Share?


Table of Contents

Lead Story

How to keep tabs on reps, merchants - Part 1

News

Industry Update

PCI compliance gets easier with SmartSAQ

New age of cross-channel prospecting

Bitcoin Foundation opens dialogue with Fed

Payments industry Inc. 500/5000 winners

Features

Getting up to speed on mobile payments

Selling Prepaid

Prepaid in brief

Green Dot goes glam

Views

Brand value and full disclosure

Brandes Elitch
CrossCheck Inc.

Education

Street SmartsSM:
Let's talk price

Dale S. Laszig
Castles Technology Co. Ltd.

Seven tips for a successful mass PCI compliance program: Part 2

Michelle Thompson
FirstMerit Bank NA

Marketing with video

Nancy Drexler
Acquired Marketing

Maximizing loyalty program ROI

Michael Gavin
Merchant Warehouse

Company Profile

Regal Payment Systems LLC

The Merchant Solutions

New Products

Smart solution for unattended fuel pumps

SmartSight
www.comdata.com

Mobile minus the dongle

Flint+ supported by Fidano
Flint Mobile Inc.

Inspiration

Spring into action before the holidays

Departments

Readers Speak

Resource Guide

Datebook

Skyscraper Ad

The Green Sheet Online Edition

September 09, 2013  •  Issue 13:09:01

previous next

PCI compliance gets easier with SmartSAQ

The payments industry has seen significant improvement in data security practices since the advent of the Payment Card Industry (PCI) Data Security Standard (DSS) seven years ago. According to a 2010 Visa Inc. report, the Level 1 merchant compliance rate had climbed from 12 percent to 96 percent since 2006. The report also indicated higher compliance among Level 2 category merchants, clocking them in at an overall rate of 95 percent. However, the same study also showed marginal compliance improvement within the Level 3 and 4 merchant brackets.

In 2009, ControlScan launched its inaugural study aimed at understanding Level 4 merchant security behaviors and awareness of PCI compliance. In November 2012, the fourth iteration of this annual study provided current data on perceptions and attitudes small to midsize businesses have about security. ControlScan's 2012 study, which incorporated feedback from over 600 respondents, revealed ongoing improvements within the Level 4 business category, but much of that progress was made by larger Level 4 merchants or those conducting business online.

Moreover, according to the report, 47 percent of respondents "are 'unsure' or 'not at all' familiar with the PCI DSS." Also, while merchants who reported familiarity with PCI practices indicated they also felt their businesses were more secure, 79 percent of all respondents stated they felt they were not at risk of a data security breach.

A way to lighten the load

These findings, along with input gathered from call center data and the company's merchant service provider (MSP) clients, led ControlScan leaders to address ongoing Level 4 PCI awareness and compliance issues. They identified a key barrier to compliance: the length of time required for small business merchants to complete the annual self-assessment questionnaire (SAQ). Thus, ControlScan set out to create an automated SAQ tool that would reduce completion time and simplify the process. And on Aug. 13, 2013, ControlScan introduced the SmartSAQ to its portfolio of merchant services companies.

Steve Robb, ControlScan's Senior Vice President of Products and Services, described the tool's value, stating, "The key word is familiarity: the first thing merchants will notice when they log into SmartSAQ is the inviting and intuitive interface. In addition, MSPs who deploy SmartSAQ to their merchants can easily conform its presentation to their own brand, meaning that the merchant easily recognizes the tool as part of their service arrangement."

The tool also provides an intuitive user-history feature that captures each user's unique information for a database that will pre-populate the appropriate fields on the following year's SAQ. "The nice thing about this tool is that it incorporates many time-saving features so that once the initial validation has taken place, subsequent validations are streamlined even further," Robb noted.

ControlScan reported that the tool has been well received by its MSP customers and that the rollout plan is simple: introduce newly signed merchants to the SmartSAQ at boarding and migrate existing merchants at the time of annual validation. Kyle Spring, Compliance Specialist at Basys Processing, pilot-tested the SmartSAQ. "Now we can provide our merchants a simpler, quicker and more effective way to maintain compliance that doesn't feel like a hassle," he said.

In addition to continuing its annual merchant study, ControlScan plans to track user statistics related to SAQ selection, stopping points and bounce rates. The company intends to compile these metrics in an effort to identify ways to continually improve the SmartSAQ and monitor its impact on future small business compliance ratings.

Notice to readers: These are archived articles. Contact names or information may be out of date. We regret any inconvenience.

previous next

Spotlight Innovators:

North American Bancard | Harbortouch | USAePay | IRISCRM.COM | Humboldt Merchant Services