First Data Corporation, a global leader in electronic commerce and payment processing, today announced the First Data PCI Rapid Comply solution, an easy-to-use online Self-Assessment Questionnaire (SAQ) and vulnerability scanning tool that can help small to mid-sized merchants achieve and maintain Payment Card Industry Data Security Standard (PCI DSS) compliance. First Data is the first payment processor to offer the convenience of this type of integrated service directly to its customers.
The PCI Rapid Comply solution is a merchant-facing, help-based web application that can be used to complete the annual SAQ quickly and easily. By answering just a few pre-SAQ questions, the PCI Rapid Comply solution can direct merchants to the SAQ version that is right for their business and help pre-populate the appropriate SAQ questions with accurate answers.
This process minimizes the volume of questions merchants must answer, which are typically the most difficult questions, and in some cases reduce the number of questions merchants have to answer by as much as 85 percent. A real-time dashboard keeps track of where merchants are in the compliance process and shows what percent of the SAQ is finished.
To help ensure merchants are compliant, the PCI Rapid Comply solution also includes integrated vulnerability scanning for merchants that are required to perform quarterly scans. Once set up, the PCI Rapid Comply application will automatically execute quarterly scans for those merchants that are required to pass a scan as part of the compliance process; there is nothing to remember to make sure these scans are completed.
The solution also offers merchants a customized remediation or “fix it” plan to help identify any steps the merchant needs to take to become compliant. After achieving PCI certification, each merchant is presented with customized Information Security and Incident Response Policies based on the specific SAQ document the merchant completed.
“Many smaller merchants have been under the assumption that they need to be security experts to be PCI-compliant, and the process can be overwhelming,” says Bruce Dragt, SVP and division manager, Payment Acceptance at First Data. “With the PCI Rapid Comply solution, merchants can now quickly and easily complete the necessary SAQ online at anytime with extensive built-in help including live chat from First Data. Because our customers are already in our system, we can streamline the process by helping to pre-populate some of the most difficult technical questions included in the SAQ.”
The PCI Rapid Comply solution is part of First Data’s overall suite of data security solutions, which also includes the First Data TransArmor solution that uses a combination of tokenization and encryption technologies to secure sensitive payment card data. Deploying a multi-faceted approach to data security with solutions such as PCI Rapid Comply and TransArmor along with EMV, a chip and PIN technology that combats fraud, can help merchants dramatically increase security at their point of sale.
The PCI DSS was created by the major credit card companies as a guideline to help business owners implement the necessary hardware, software and other procedures to guard sensitive credit card and personal information. In 2011, 96 percent of the 855 data breaches investigated by the U.S. Secret Service and Verizon's forensic analysis unit were not compliant with PCI DSS at the time of the data theft.