PCI for ISOs, Acquirers, and Processors
The Challenge of PCI
If you are an ISO, acquirer, or processor, you probably know all about PCI compliance and don't need a review of the basics. (If you do, visit our PCI compliance page.) It's a growing area of concern for most acquiring entities, but there are still many unknowns. While it may sometimes seem like the system is designed to frustrate acquirers, annoy merchants and create complexity, most acquirers realize they need to protect themselves from the financial liability associated with a data breach. Raising your compliance rates will clearly help reduce your financial risk.
We recognize the challenges in getting your compliance rates higher. Acquirers are saying thing like:
- How can I possibly get my portfolio of level 3 and 4 merchants compliant? I have a hard time contacting them, much less convincing them to fill out a 200 question form.
- I already have a PCI solution and it doesn't work. I have 10% compliance. What's different about this?
- Am I eventually going to get fined by the card brands for non-compliant merchants? If I do, I'm screwed, because a lot of my merchants are not compliant.
- I get the risk reduction thing, but can I make some money on my PCI program?
- How do I solve this problem without hiring more people and spending more money?
Simplify, Shorten, and Guide
No one likes logging into an online compliance system and answering questions. (If they did, taxes would be a blast.) Knowing this, we view PCI as an individual behavior challenge. How do you communicate the importance of protecting credit card data to the merchant? And how do you get them to actually do it?
Past approaches have not worked. Posting an online .pdf and expecting a merchant to fill out 250 questions will never succeed. Throwing money and people at the problem by launching outbound call campaigns won't work either.
We believe to problem can be solved through a combination of clever software design and scalable communication. Compliance rates will only climb in any appreciable way by making the process easier to understand and more accessible to the average merchant, by shortening the time required to finish the SAQ and scanning, and by guiding the merchant down the path of least resistance.
Panoptic's Unique Approach
You probably have a PCI solution and less than perfect rates already. So what makes Panoptic different?
SAQ Process Unique in the industry
Our technology makes the SAQ 50% shorter, on average. We write our own questions that are easier to understand, use 'Meta' questions to save time, gather data from POS systems and suggest answers to the merchant. This greatly reduces the time required for the SAQ. (Learn all the details on our SAQ Process page.)
Real-Time Dashboard and Analytics
All merchant compliance and portfolio data is available graphically, in real time. Graphs are actively attached to merchant management tools (like e-mail), and merchants can be organized in any hierarchy required for reporting or internal review. We even allow managers to log in as merchants, see the SAQ and interact with questions on the merchant's behalf. The Dashboard functionality is built around the most common management tasks facing our ISO partners. (Read more on our Dashboard page.)
Highest Compliance Rates in the Industry
Do you know your portfolio compliance rates? Why are PCI providers so unwilling to discuss these numbers or share information? Because the industry average is around 15%. Our average is 55%. We have acquirers in the 80's. Our unique SAQ process and our scalable support tools really do translate to higher compliance rates. Ask your provider for your percentage.
Integrated Support Tools
A simplified and shortened SAQ leads to substantially fewer questions. Outbound call campaigns do not work. Instead, we fully integrate an e-mail tool with our Dashboard, allowing managers to communicate directly with groups of merchants. We use real time chat, have terms and technical subjects defined throughout, and even allow managers to log in as the merchant to help the hardest cases. (Check out the support page for more.)
Our unique SAQ process generates substantially fewer support calls. We don't need to staff huge call centers, but we do provide full support or allow the acquirer to support their own merchants. Because of our unique business model, our pricing will be competitive with discount SAQ providers and better than the major service providers. Call for a demo.