High Risk Merchants Struggle with PCI Compliance

Mar 23, 2015

The newest version of the Payment Card Industry data security standard (PCI-DSS) went into effect on January 1, 2014. This means that all merchants must comply with these standards by October of 2015. The changes in PCI DSS 3.0 are detailed on the PCI Security Standards Council Website, but there are three major changes going into effect that will influence how small and medium size businesses interact with customers that are worth noting.

59 More Problems

Every year, merchants must fill out the PCI data-security standard self-assessment questionnaire (SAQ). This survey helps merchants and providers evaluate their level of compliance with the PCI-DSS. Now the new version of the questionnaire features 59 additional questions that are highly technical, making the survey a whopping 139 questions. The new questions are an additional complication that demands high technical knowledge and understanding of complex security issues. To complete the questions, merchants must be able to accurately answer questions specifically related to their network security.

The Definition of Service Provider

The definition of service provider has been expanded. Previously, a service provider was any business entity that was not a payment brand and was directly involved in the storage, processing, or transmission of cardholder data for another entity. The definition has now expanded to include any company that provides a service that controls or impacts cardholder security. This means that anyone who sets up, changes, or configures a merchant’s business network is liable in the event of a data breach. Unfortunately, most of these people or businesses lack the expertise to construct an ironclad security network that can keep away sophisticated hackers. But the good news is that if the IT guy or payments-system vendor do possess this expertise, this change won’t affect the merchant.

Proof Network Segmentation

Previously, PCI compliance required merchants to segment their networks by splitting payment traffic from daily business network traffic. However, authorities believe that many merchants are not truthful about their network segmentation, so PCI-DSS 3.0 requires merchants to relay exactly how they are segmenting their traffic.

New PCI compliance rules can be overwhelming for high risk merchant account owners who just want to run a successful business. Contact eMerchantBroker.com to manage your account. Our experienced payment processors understand the new rules and can make sure your business is compliant.

Let us help you get a high risk merchant account today!

Get Started

Award winning.

  • 2012
  • 2013
  • 2014
  • 2015
  • 2016

Having a merchant account allows an account holder to take advantage of merchant cash advances. When a merchant is approved for an advance, the business agrees to receive a lump sum of cash in exchange for an agreed-upon percentage of future credit card sales.

Pricing varies depending on the merchant’s industry, past credit card processing history, the type of business seeking the account, average ticket sales, and average transaction volumes.

Yes, EMB works with merchants who are building their credit, as well as those who have poor credit. EMB also approves merchants that have no credit card processing history and businesses that have lost their merchant accounts due to high chargebacks.

Several factors influence a merchant’s risk level. Though only one factor likely will not get a merchant classified as high risk, a combination of these may: business size, location, and industry, credit score, credit card processing history, a industry’s reputation for excessive chargebacks, a prior history of high chargeback ratios, and whether a merchant exclusively sells online.

Virtual terminals are stationed on a merchant’s website, making it easy for customers to make a payment or purchase online. Merchants or a payment processor can easily set up virtual terminals, so online businesses can accept credit and debit card and e-check transactions.

A merchant account is a business account with an acquiring bank. Without this business account, which actually works more like a line of credit, a merchant cannot accept and process credit and debit card transactions. Businesses need a merchant account to accept major credit cards via a static point-of-sale terminal, mobile card reader, or through a virtual payment gateway.

After filling out EMB’s simple online application and submitting any necessary, requested documents, many merchants get approved within 24 and 48 hours.

EMB specializes in working with high-risk merchants. EMB works with many merchants, including but not limited to businesses in these industries: gambling and gaming, adult entertainment, nutraceuticals, vaping and e-cigarettes, electronics, tech support, travel, high-end furniture, weight loss programs, calling cards, e-books and software, and telecommunications.

Live Chat