PCI Compliance

Merchants accepting credit/debit cards for payment are required to become compliant with the Payment Card Industry Data Security Standards (PCI DSS). The Payment Card Industry Data Security Standards (PCI DSS) are a set of mandated guidelines that provide merchants with rules for physical, application and network security, as well as security policy management, which is required of all merchants. The PCI Council was formed by the five major card brands (Visa, MasterCard, American Express, Discover and Japan Card) in 2004 to establish a standard set of guidelines around the handling of card holder data by merchants. This means that the processes and applications by which your business processes and handles credit and debit card data must abide by the standards set forth by the PCI Security Standards Council.To demonstrate compliance with these guidelines, merchants are required to submit an attestation of compliance annually.

Fees/Consequence
It is YOUR responsibility, as a merchant accepting credit and debit card payments, to safeguard customer card data by becoming PCI compliant. Again, in order to comply with the card brands and avoid potentially hefty fines, Visa, Mastercard, Discover, American Express are requiring that all merchants meet PCI DSS requirements as soon as possible.

The good news is that we have selected a company that makes achieving compliance as easy as possible. Our PCI compliance program is being managed by ControlScan, an Approved Scanning Vendor (ASV) by the PCI Council, who is a leading provider of PCI security solutions for small- and medium-sized merchants. Their easy-to-use tools and personal level of support make achieving compliance less complicated.

PCI 1-2-3. A Simpler Way to PCI DSS Compliance
The thought of losing or compromising a shopper’s personal information is a critical concern of retailers. It makes shoppers reluctant to buy which costs retailers business. It’s also a top issue for the credit card brands, which lose more than $1 billion a year to card fraud. The Payment Card Industry (PCI) Security Standards Council (an organization formed by the card brands) created the PCI Data Security Standard (DSS) to help merchants proactively protect customer account data.

Any merchant or service provider that stores, processes or transmits customer account  data must comply with the PCI DSS controls and processes. If you don’t, you risk costly fines, audit costs, restrictions or worse should a breach occur.

Achieving PCI compliance is easy as 1-2-3. 
Solupay makes it easier to meet PCI DSS requirements and protect your customers’ important information. ControlScan's PCI 1-2-3 compliance solution, available online via a merchant portal called myControlScan.com, provides you with the leading tools and support necessary to analyze, remediate and validate PCI compliance at an affordable rate, including:
Merchants accepting credit/debit cards for payment are required to become compliant with the Payment Card Industry Data Security Standards (PCI DSS). The Payment Card Industry Data Security Standards (PCI DSS) are a set of mandated guidelines that provide merchants with rules for physical, application and network security, as well as security policy management, which is required of all merchants. The PCI Council was formed by the five major card brands (Visa, MasterCard, American Express, Discover and Japan Card) in 2004 to establish a standard set of guidelines around the handling of card holder data by merchants. This means that the processes and applications by which your business processes and handles credit and debit card data must abide by the standards set forth by the PCI Security Standards Council.To demonstrate compliance with these guidelines, merchants are required to submit an attestation of compliance annually.

Example Only:

PCI 1-2-3 Self Assessment Questionnaire (SAQ)

• Intuitive, simple-to-use tool even for the most novice user

• A picture-driven qualification step that helps you easily determine your Validation Type (as defined by PCI DSS version 1.2)

• Expert help text and real-life examples

PCI 1-2-3 Scanning

• Network vulnerability scans for merchants that have external-facing IP addresses

• Web application scans (cross-site scripting, SQL injections and remote file inclusion) to find holes in Web-based applications 

• Easy-to-understand reports that detail the scan results and prioritize vulnerabilities by severity

• Detailed instructions on how to remediate identified vulnerabilities

PCI 1-2-3 Policy Builder

• A set of custom security policies, powered by the Unified Compliance Framework (UCF), a leading provider of IT compliance, governance and regulatory content

• Policy templates that are automatically generated based on the way you process payment cards, making it easy for you to comply with this specific PCI DSS requirement

PCI 1-2-3 Security Awareness Training
On-demand security training delivered in a non-technical, easy-to-consume manner which satisfies the PCI Data Security Standard (PCI DSS) security awareness requirement. Benefits include the following:

Breach Protection
As a service to any merchant who purchases our PCI 1-2-3 Compliance solutions, we will provide you with Breach Protection at no additional cost to you (U.S.-based companies only). This program is specifically designed to help your business handle the associated expenses should a suspected or actual data breach occur. You will be covered for up to $50,000 ($0 deductible) to pay for audits, fines or other expenses associated with the breach. For more information, please click here.

Personal Touch Support
ControlScan's support team is staffed by professionals with expertise in the PCI DSS.  Our team has years of experience working with small merchants. This deep knowledge of PCI and understanding of how small businesses operate allows ControlScan to provide you with clarification of the PCI compliance requirements in terms that make sense to you. Support is available via telephone, email or online chat.

ControlScan's PCI 1-2-3 compliance solutions are delivered as an on-demand subscription service via the Web, so you are able to start your compliance efforts immediately. ControlScan offers the most comprehensive PCI DSS compliance solution at a great value. Make sure you are PCI compliant – we can help simplify the process for you with PCI 1-2-3 compliance solutions. Our helpful support staff is also standing by to give you personalized assistance.