PCI Milestone for Avid Payment Solutions: 62% Compliance in 6 Months

84% Enrolled in Program Utilizing SecurityMetrics' PCI DSS Compliance Services

Jun 08, 2010, 09:13 ET from SecurityMetrics

BIRMINGHAM, Mich.,  SALT LAKE CITY June 8 /PRNewswire/ -- Michigan-based payment card processor Avid Payment Solutions announced today that more than 60% of the merchants in its portfolio validated their PCI compliance within six months after Avid launched its Payment Card Industry Data Security Standard (PCI DSS) compliance program. The rapid results were achieved through a combination of Avid incentives and SecurityMetrics' PCI Site Certification Services.

Between November 2009 and April 2010, 62% of Avid's entire merchant base was validated compliant with PCI standards. Of the additional 22% enrolled in the program, all but a handful were partially validated in the same period after completing either the vulnerability scan or Self-Assessment Questionnaire (SAQ), positioning Avid to quickly increase its compliance rates.

Avid selected SecurityMetrics as its PCI compliance partner because of its comprehensive services, use by Avid payment processor First Data, and emphasis on live merchant support. SecurityMetrics' 175-person call center is available to answer merchants' PCI questions with no upcharge to SecurityMetrics' annual flat fee per merchant, eliminating hurdles encountered with online-only programs that offer no personal assistance.  

That live support has helped drive the strong results for Avid's PCI initiative, along with repeated merchant communications handled by SecurityMetrics through emails, faxes and outbound calls. Other contributing factors include Avid's offer of a $50 rebate on the first year's $99 annual enrollment fee for merchants that achieved PCI compliance validation before December 31, 2009, and Avid's $20 monthly penalty for each month of non-compliance after that same date.

"Our goal is 100% compliance, and we are getting there faster than we ever anticipated. The credit clearly goes to our education efforts, our fee structure, and the personal service available to our merchants from the SecurityMetrics call center. They're there 24x7 to clear up any confusion and speed the process along," said Clinton Baller, President of Avid Payment Solutions. "Compliance is mandatory, and our experience shows that it is less of a hurdle than acquirers and ISOs have made it out to be."

Avid is using SecurityMetrics' full suite of PCI compliance services, provided as a complete package with no add-on fees for individual components. The package includes:

  • Vulnerability assessment via SecurityMetrics' proprietary scanning engine, which checks for more points of Internet security than other services and individually lists each potential entry point on the SecurityMetrics Site Certification Report.  
  • Multi-channel communications to encourage merchant enrollment, including a steady campaign of emails, faxes and outbound calls executed on behalf of the bank or ISO.
  • Merchant Compliance Console, a web-based portal that equips acquirers and ISOs with detailed real-time portfolio compliance progress, drilldown to merchant scan and questionnaire results, and easy PCI compliance reporting.
  • Unlimited 12-month 24x7 merchant telephone support on the Self-Assessment Questionnaire (SAQ), scanning and other general security questions provided at no additional charge, eliminating confusion caused by online self-service offerings.

"There is still skepticism about the ability of Level 4 merchant PCI compliance programs to succeed, but Avid's performance demonstrates that the 'it won't work' theory is a fallacy," said SecurityMetrics CEO Brad Caldwell. "A program that combines a committed acquirer or ISO with easy-to-use technology, procedures and one-on-one merchant support can bring a merchant portfolio into compliance in record time."

SecurityMetrics has assisted nearly 400,000 small and mid-sized merchants in validating their PCI DSS compliance to date, making the company one of the largest providers of PCI compliance services in the industry. Its call center handles more than 100,000 merchant calls per month.

The PCI DSS is a comprehensive set of global security requirements developed by the PCI Security Standards Council in order to safeguard cardholder data worldwide. The organization was founded by American Express, Discover Financial Services, JCB International, MasterCard Worldwide and Visa, Inc.

For more information about SecurityMetrics' PCI compliance solutions, contact a representative at 801.724.9600 in North America, 0207.993.8030 in Europe or 61.2.8011.3270 in Australia.

About SecurityMetrics

SecurityMetrics, Inc. is a leading provider of Payment Card Industry (PCI) Data Security Standard (DSS) security solutions, including the most successful mass-merchant compliance model in the industry.  The company is certified to perform PCI Scans (ASV), PCI audits (QSA), Payment Application Data Security Standards audits (PA-QSA), penetration tests and forensic incident response assessments (QIRA). SecurityMetrics also offers a security appliance that includes vulnerability assessment, intrusion detection and intrusion prevention capabilities. SecurityMetrics is a privately held corporation headquartered in Orem, Utah. For more information, contact SecurityMetrics at (801) 724-9600 or visit www.securitymetrics.com.

About Avid Payment Solutions

Avid Payment Solutions is a registered Independent Service Organization and Member Service Provider of Wells Fargo Bank., N.A., Walnut Creek, CA, and is powered by First Data. The firm was founded in 1995 as PayNet Merchant Services Inc. and is located in Birmingham, MI. For more information, visit www.avidpays.com  

SOURCE SecurityMetrics