PCI Compliance for Acquirers and ISOs

1st Secure IT has a proven record of assisting banks and ISOs in their efforts to achieve higher payment card industry (PCI) compliance rates for their merchant portfolios.

Because of changes in the industry, Acquirers and ISOs have become the new gatekeepers for PCI compliance. According to the PCI Security Standards Council (PCI SSC) and the various card brands, it is up to the acquirers to ensure vigilantly that their merchants follow the procedures necessary to achieve and maintain PCI compliance. The fines for non-compliance are steep.

Additionally, when a merchant’s cardholder data is breached, the liability for noncompliance rests with the acquiring institution. Typically, this is passed on to the ISO providing merchant services and by that ISO on to the merchant itself.

The Federal Financial Institutions Examination Council (FFIEC) guidelines regulate the financial industry and contain mandates for protecting online banking transactions. The Office of the Comptroller of the Currency (OCC), which regulates banks and reviews IT-security controls distributes these guidelines. For a bank, ensuring the PCI DSS compliance among its merchants is critical to satisfy banking examination regulations.


PCI DSS Solutions for Acquirers and ISOs

1st Secure IT offers PCI compliance solutions for all merchant levels. We provide solutions to Acquirers and ISOs to enable their Level 3 and 4 merchants to complete an annual self-assessment questionnaire and, if necessary, quarterly ASV scans. Our services include the following:

1. One flat price includes both SAQ and SCAN. There is no additional charge to the ISO/Processor or the merchant for the ASV scan, regardless of the scan ratio!

2. Monthly billing option is available.

3. A branded iFrame ready portal is ready in only about three business days (not weeks).

4. Reporting meets card brand format requirements for Visa, MasterCard, and Discover.

5. An easy-to-use electronic self-assessment questionnaire simplifies the process for merchants.

6. ASV-approved vulnerability scanning engine by Saint Corporation (Certificate Number 4268-01-07).

7. Service provided through an integrated portal with the SAQ and scan to check status and update your account 24/7.

8. Assistance to help pre-fill the SAQ to save merchants' time.

9. Guidance to ensure that merchant completes the proper SAQ.

10. Support provided from every page with auto-fill locators to help answer merchant's questions quickly.

11. Custom Remediation Plan helps your merchant fix virtually anything that prevents PCI compliance.

12. Customized security policy is provided for your merchants, as required for PCI compliance.

13. Customized Incident Response Plan is provided for your merchants, as required for PCI compliance.

14. PCI QSA experts are prepared constantly to support merchants with their portal and PCI-related questions.

15. A $50,000 data breach insurance policy is available for each merchant (Additional Cost)

16. A discounted QSA ROC is available for Level 1 and Level 2 merchants as well as Level 3 or Level 4 merchants that have experienced a data breach and are required to undergo a Level 1 ROC audit.

For more information, please call us at 866-735-3369 or fill out our “Contact Us” page and an auditor will call you to arrange for a detailed presentation.

If you need help getting started... Contact Us!