GS Logo
The Green Sheet, Inc

Please Log in

A Thing
View Archives

View PDF of this issue

Care to Share?

Table of Contents

Lead Story

Contactless still in the race


Industry Update

Governator terminates data protection bill

It's thumbs down for proposed illegal Internet gambling regs

Want fries with that MRI? Health care's looming retail environment

SoCal burns, payments industry responds

Web-based tools to help merchants tackle PCI compliance

WSAA's winning meeting

SCA explores the contactless, mobile realm

Use rapport to score with cash advance

Mike Evans
2nd Source Funding


Craig Lesser

NCR drops Tidel ATM brand

Tracy Kitten

Industry Leader

Adam Atlas –
Across the airwaves, into law


Tomorrow has come for PEDs

Paul Rasori


Street SmartsSM:
Surge with emerging markets

Dee Karawadra
Impact PaySystem

Changes afoot for signature debit

Ken Musante
Humboldt Merchant Services

B2B: Rich in opportunity

Aaron Bills
3Delta Systems Inc.

Widgets: Isn't this fun?

Joel and Rachael Rydbeck
Nubrek Inc.

Company Profile

eProcessing Network

New Products

New prescription for the PCI pain?

VoyenceControl PCI Advisor
Company: Voyence Inc.

Click-and-go reordering for MLSs

USA ePay Reseller Online Product Order Form
Company: USA ePay

Online gadget brings Zen order to scheduling



Not rich, wealthy


Contactless creeps like early dept: Is a sprint ahead?




Resource Guide


A Bigger Thing

The Green Sheet Online Edition

November 12, 2007  •  Issue 07:11:01

previous next

Web-based tools to help merchants tackle PCI compliance

To educate merchants on the Payment Card Industry (PCI) Data Security Standard (DSS) and enhance their ability to safeguard consumer data, MasterCard Worldwide and RBS Lynk, in partnership with Trustwave, have rolled out Web-based tools tailored to merchants' needs.

MasterCard's offering is called the PCI Merchant Education Program. The program is eight interactive, online sessions focused on different aspects of the PCI compliance requirements originally developed by the card Associations, including MasterCard and Visa Inc.

The education program can be adapted to meet the needs of acquirers and the merchants they service. It offers on-site, in-person training for acquiring bank professionals. For merchants MasterCard has unveiled its On-Demand Webinar Series (WS), prerecorded Web presentations that can be viewed as merchants' time constraints dictate.

Topics of the WS include: a detailed look at the PCI DSS, steps a merchant must take to gain compliance, preparing a merchant for a PCI audit and how a merchant can reduce the risk of data breaches.

Joshua Peirez, Chief Payment System Integrity Officer for MasterCard, said, "This new program is the latest component in our collaborative efforts to help protect our customers from data theft and fraud and help facilitate the global implementation of consistent data security measures."

Online risk assessment

Using PCI DSS as a framework, the Risk Profiler and Trustkeeper utilities - developed conjointly by leading payment processor RBS Lynk and global information security provider Trustwave - are specialized programs that help merchants identify and mitigate risks in their card transaction systems.

The Risk Profiler gives merchants access to online and on-site data security tools, such as the Risk Profiler Web-based risk analysis program and Trustkeeper, another online service geared toward helping merchants reach PCI compliance.

The Risk Profiler application guides merchants toward completion of the self-assessment questionnaire (SAQ) and a network vulnerability scan. Trustkeeper is software downloadable to a merchant's POS system. It tracks whether or not card data is appropriately stored and safeguarded on the system. Both the Risk Profiler and Trustkeeper are designed specifically to help level three and level four merchants as defined by the card Associations. Level three merchants process 20,000 to 1 million card transactions per year; level four merchants are those businesses that process fewer than 20,000 card transactions per year.

Robert J. McCullen, Chairman and Chief Executive Officer of Trustwave, said, "We can assist level three and four merchant populations through the compliance cycle with easy-to-access technologies to ensure consumer identities and payment information remain secure."

"This program will help merchants meet the requirements of PCI DSS and ensure the protection of consumer card data," LeAnn Brown, Assistant Vice President and Risk Manager of PCI compliance at RBS Lynk, said. "We are working with Trustwave to simplify the process for merchants to establish and maintain their compliance with these important security mandates."

PCI DSS is a series of 12 requirements to which every merchant accepting electronic payments must adhere. These include building and maintaining a secure network, protecting cardholder data, and regularly monitoring and testing network security.

The main goal of PCI DSS is to protect consumer card information from slipping into the hands of fraudsters and data thieves.

Notice to readers: These are archived articles. Contact names or information may be out of date. We regret any inconvenience.

previous next

Spotlight Innovators:

North American Bancard | USAePay | Board Studios