• HOME
• INDUSTRY SOLUTIONS
  Business to Business eCommerce Mail Order & Telephone Order Retail Restaurant Supermarket Non-Profit Petroleum & Convenience Hotel Insurance Education Automotive Government Property Management Childcare Franchise & Association
• PRODUCTS & SERVICES
  Credit & Debit Card Processing Prepaid Solutions Check Processing Merchant Cash Advance Gateway Services
• PCI COMPLIANCE
  PA-DSS PCI-DSS
• SUPPORT SERVICES
  Industry Terms Q & A
• ABOUT US
  Contact Us Locations Our Team Partners Careers Testimonials Submit a Testimonial

PCI DSS

If you’re a merchant who plans to accept credit/debit cards, you are required to become compliant with the Payment Card Industry Data Security Standards (PCI DDS). The PCI DDS is a set of mandated guidelines merchants must follow. This includes rules for:

• Physical security
• Application security
• Network security
• Security policy management

Five major card brands (Visa, MasterCard, American Express, Discover, Japan Card) all make up the PIC Council, which was established in 2004 to set guidelines for all merchants accepting plastic payments. Merchants must submit an attestation of their compliance to the PCI Security Standards Council annually.

Fees & Consequences for NOT begin PCI DDS Compliant

As a merchant, it is YOUR responsibility to safeguard customer data through PCI compliance. All major cardholders who make up the Security Standards Council require that merchants meet PCI DDS requirements. If a merchant is not compliant, hefty fines and consequences may result.

Merchant’s First & PCI Compliance

At Merchant’s First, we partner with a company who makes PCI compliance easy and simple for our customers. We work with ControlScan, an Approved Scanning Vendor (ASV) by the PCI Council. ControlScan is a leading provider of PCI security solutions for small-and-medium-sized companies, and does a great job at ensuring our merchants avoid fines and consequences. They supply simple tools and great support.

ControlScan’s 1-2-3 PCI DDS Compliance

We make it easier to meet PCI DDS requirements, and protect your customer’s information. ControlScan’s PCI 1-2-3 compliance solution provides you with the tools and support needed to analyze, remediate and validate PCI compliance. This tool is an online portal that makes compliance simple, at an affordable rate. Some examples include:

PCI 1-2-3 Self Assessment Questionnaire (SAQ)

• Intuitive, simple-to-use tool even for the most novice user
• A picture-driven qualification step that helps you easily determine your Validation Type (as defined by PCI DSS version 1.2)
• Expert help text and real-life examples

PCI 1-2-3 Scanning

• Network vulnerability scans for merchants that have external-facing IP addresses
• Web application scans (cross-site scripting, SQL injections and remote file inclusion) to find holes in Web-based applications 
• Easy-to-understand reports that detail the scan results and prioritize vulnerabilities by severity
• Detailed instructions on how to remediate identified vulnerabilities

PCI 1-2-3 Policy Builder

• A set of custom security policies, powered by the Unified Compliance Framework (UCF), a leading provider of IT compliance, governance and regulatory content
• Policy templates that are automatically generated based on the way you process payment cards, making it easy for you to comply with this specific PCI DSS requirement

PCI 1-2-3 Security Awareness Training

• Breach Protection

As a service to any merchant who purchases our PCI 1-2-3 Compliance solutions, we provide Breach Protection at no additional cost (U.S.-based companies only). This program is specifically designed to help your business handle the associated expenses should a suspected or actual data breach occur. You will be covered for up to $50,000 ($0 deductible) to pay for audits, fines or other expenses associated with the breach.

• Personal Touch Support

ControlScan's support team is staffed by professionals with expertise in the PCI DSS.  Our team has years of experience working with small merchants. This deep knowledge of PCI and understanding of how small businesses operate allows ControlScan to provide you with clarification of the PCI compliance requirements in terms that make sense to you. Support is available via telephone, email or online chat.

• On-Demand Subscription

ControlScan's PCI 1-2-3 compliance solutions are delivered as an on-demand subscription service via the Web, so you are able to start your compliance efforts immediately. ControlScan offers the most comprehensive PCI DSS compliance solution at a great value. Make sure you are PCI compliant – we can help simplify the process for you with PCI 1-2-3 compliance solutions. Our helpful support staff is also standing by to give you personalized assistance.

PA-DSS

PCI-DSS