Payment Card Industry Data Security Standard Audit A Fire Drill?

Jul 22, 2016

Each year, companies face a fire drill when completing their Payment Card Industry Data Security Standard (PCI DSS) audit. What is more, companies have to complete the vulnerability scans that are required by PCI DSS.

Why Do Companies Get into a Chaos?

The reasons for a PCI compliance fire drill are as follows:

  • First of all, companies are still manually compiling cyber risk data into lots of spreadsheets.
  • Second, there are companies that do not practice continuous compliance. All this eventually results in a fire drill.

There are tens or even hundreds of legacy systems in large companies. These systems, some of which are used to store the company’s most valuable information, are in scope for PCI DSS compliance. The owners of the systems have their specific experts and administrators.

Enterprise security is called to coordinate all of these parties to provide vulnerability scans, penetration testing, validation, and more. When distancing themselves from the security department, application owners make these efforts complicated.

The issues of payment transaction security are of immense importance for merchants running a business online. To enjoy top protection from fraud and minimize your chargebacks, consider turning to eMerchantBroker. EMB is voted the #1 high risk payment processor in the US and has an A+ rating with the BBB.

Underlying Tracking of the Process

Very often, emails and spreadsheets are being exchanged close to the deadline for reporting. The best case scenario of the exchange process is something like this:

  1. The vulnerability manager requests some time from the application owner for vulnerability scanning and penetration testing.
  2. The application owner provides the manager with the requested time so the latter could schedule scanning and testing.
  3. The scanning and penetration testing teams take the necessary steps and show the results to the vulnerability manager.
  4. The vulnerability manager emails the application owner and technical administrator to inform them about the necessary patches or updates.
  5. Emails on the scheduling of fixes go back and forth
  6. Fixes are implemented
  7. The vulnerability manager gets notified.

According to some recent discussions in the field, security managers can spend 25% – 40% of their time pulling manual reports. Moreover, there are companies that fail to complete the quarterly scanning process on time so they fill in the gaps based on outdated information.

Let us help you get a high risk merchant account today!

Get Started

Award winning.

  • 2012
  • 2013
  • 2014
  • 2015
  • 2016

Having a merchant account allows an account holder to take advantage of merchant cash advances. When a merchant is approved for an advance, the business agrees to receive a lump sum of cash in exchange for an agreed-upon percentage of future credit card sales.

Pricing varies depending the merchant’s industry, past credit card processing history, the type of business seeking the account, average ticket sales, and average transaction volumes.

Yes, EMB works with merchants who are building their credit, as well as those who have poor credit. EMB also approves merchants that have no credit card processing history and businesses that have lost their merchant accounts due to high chargebacks.

Several factors influence a merchant’s risk level. Though only one factor likely will not get a merchant classified as high risk, a combination of these may: business size, location, and industry, credit score, credit card processing history, a industry’s reputation for excessive chargebacks, a prior history of high chargeback ratios, and whether a merchant exclusively sells online.

Virtual terminals are stationed on a merchant’s website, making it easy for customers to make a payment or purchase online. Merchants or a payment processor can easily set up virtual terminals, so online businesses can accept credit and debit card and e-check transactions.

A merchant account is a business account with an acquiring bank. Without this business account, which actually works more like a line of credit, a merchant cannot accept and process credit and debit card transactions. Businesses need a merchant account to accept major credit cards via a static point-of-sale terminal, mobile card reader, or through a virtual payment gateway.

After filling out EMB’s simple online application and submitting any necessary, requested documents, many merchants get approved within 24 and 48 hours.

EMB specializes in working with high-risk merchants. EMB works with many merchants, including but not limited to businesses in these industries: gambling and gaming, adult entertainment, nutraceuticals, vaping and e-cigarettes, electronics, tech support, travel, high-end furniture, weight loss programs, calling cards, e-books and software, and telecommunications.

Live Chat