Need support?
Our team actively monitors all support tickets and replies to them within 24 hours.
Our team actively monitors all support tickets and replies to them within 24 hours.
Want to see if PCI Portal is right for your business? Fill out your info, and our Sales Team will be in touch soon!
PCI stands for “Payment Card Industry” and DSS stands for “Data Security Standards”. PCI DSS regulations are mandated by the Security Council. The Security Council is controlled by the Card Brands Visa, MasterCard, Discover, and others. Full details of PCI DSS can be found on the Security Council’s website at www.pcisecuritystandards.org.
PCI DSS focuses on the protection of cardholder data throughout the transaction process whether in a retail environment or over the internet, or anywhere in between. The payment card industry is more diverse today than ever. Each day new payment applications expand the methods on how consumers can use the credit cards to purchase goods and services.
We design our products at the wholesale level and sell directly to the ISO, Bank, Processor, QSA, ASV, or security partners. These entities are our clients as they provide the portal to their portfolio (merchant list) and resell our customized Web Portal services (usually at a mark-up), therefore we are usually a strong profit center for these financial entities.
Our portal and pricing models are revolutionary in how they are constructed. We are priced generally well below our closest competitor. We offer unsurpassed service and support with more than over 200 ISO’s, Banks, Processors, QSA’s, ASV’s and other partners that have loaded their merchants to our portal.
What are my requirements as a merchant?
The extent of your PCI DSS requirements are determined by which level you are determined to belong.
The first issues in this determination begins with how many transactions are processed per year combined with how the credit card transactions are taken. Currently, there are 4 levels merchants are categorized for PCI DSS (defined more in these FAQ’s).
What are the 4 merchant "levels" for PCI DSS?
The PCI DSS requirements vary depending on which level your merchant account falls.
Currently, the PCI DSS is divided into 4 levels:
What is completed during my set-up?
Our Web portal is a “vanilla shell” meaning we can customize the Web Portal to your colors, logos, and other attributes to your specifications. We have the ability to help larger entities do a completely customized site if desired or integrate with an existing website using API.
How is the program communicated to my merchants?
Encytro will never contact your merchants directly or indirectly for any reason nor would we share any information with any third party. Release of information specific to your portfolio is controlled by your ISO. All communication is done through your organization at its expense. Some good options include: statement messages, statement inserts, email blasts, and direct calling especially to your merchants requiring scans.
How long does it take to set up a new ISO account?
Our portals can be established and up and running within the same business day in most instances.
How do I get billed?
You can choose either monthly or annual billing.
We recommend you make this decision based on how you intend on billing your portfolio (merchants).
If you bill PCI DSS Fees annually then it might be easiest on cash flows to bill with us on an annual basis as well. Many ISO’s like the annual option so their merchant base is not seeing the costs of PCI printed each month they read their processing statement. Other ISO’s are choosing to absorb the costs as an additional monthly or on account fee and either not specifically pass any new fees to the merchants or charge a nominal monthly fee.
The choice is yours!
What are my requirements as an ISO or Financial Institution?
Keep in mind that the general idea of the Security Council regarding PCI DSS is to provide a platform where the Card Brands can reach across the layers of entities (Banks, Processors, ISOs, and Sales Representatives) to directly communicate with the merchant. The requirement of the ISO is to provide the Self administered tools set to the merchant– that is all. The tools must provide the merchant the ability to complete their PCI DSS steps which include the Self Assessment Questionnaire (SAQ) and a Scan provided by an Approved Scan Vendor (ASV). By providing the merchant with access to these tools the ISO has gone a long way toward fulfilling their role in PCI DSS.
What does it cost me?
Pricing is based in a simple pricing matrix driven by the term and services you select. Our longest term is 3 years while we offer terms as short as 1 year if desired. The longer term you select the lower we can keep your pricing.
Does Encytro provide technical support?
Yes, we provide escalated support for SAQ’s and full support directly for all Scan Merchants via our Approved Scan Vendor (ASV).
Our standard pricing requires your organization to provide the first tier of support however, we are available directly for escalated support.
We can provide a turn-key full support option for a nominal additional fee to our standard pricing.
How are all Merchant Levels defined?
Levels | Criteria | Annual QSA Audit | Annual SAQ | Quarterly ASV Scan | |
Merchants |
1 |
6,000,000+ transactions per year or compromised in the past year |
X |
|
X |
2 |
1 million to 6 million transactions per year |
|
X |
X |
|
3 |
20,000 to 1 million e-commerce transactions per year |
|
X |
X |
|
4 |
Less than 20,000 e-commerce transactions per year and all other merchants processing up to 1 million transactions per year |
|
X |
X |
|
Service Providers |
1 |
All VisaNet processors (member and nonmember), and all payment gateways |
X |
|
|
2 |
Any service provider that is not in Level 1 and stores, processes, or transmits more than 1,000,000 Visa accounts/transactions annually |
X |
|
|
|
3 |
Any service provider that is not in Level 1 and stores, processes, or transmits less than 1,000,000 Visa accounts/transactions annually |
|
X |
X |