Report: ISOs and Acquirers Not Offering Security Risk-Reducing Technologies and Services Desired by Small Merchants

ControlScan-sponsored survey results reveal momentum in small merchant PCI compliance, but also show that more work needs to be done to reduce the number of breach incidents

ATLANTA--()--Payment security and compliance service provider ControlScan today announced a newly-released survey report that highlights findings from its third annual survey of merchant acquirers. “Building Momentum: The Third Annual Survey of the Acquirer’s Perspective on Level 4 Merchant PCI Compliance was produced in partnership with Merchant Acquirers’ Committee (MAC) and reveals important areas in which ISOs, acquirers and other merchant service providers (MSPs) are missing opportunities to help merchants close payment security gaps.

According to the ControlScan/MAC report, just 44 percent of survey respondents’ organizations currently offer risk-reducing tools or services—beyond access to the PCI-required Self Assessment Questionnaire (SAQ) and external vulnerability scanning—to help merchants meet specific payment card industry requirements. Of the MSPs currently offering additional value-added merchant solutions, tokenization and point-to-point encryption are the most common.

“Today’s threat environment challenges merchant service providers to take a fresh look at their PCI programs,” said Heather Foster, vice president of marketing, ControlScan. “Small merchants in particular need guidance in terms of readily-available technologies and services that reduce PCI scope and support a strong security posture.”

Other key findings from this year’s ControlScan/MAC survey show that MSPs are building momentum in small-merchant PCI compliance validation, but that more work needs to be done. For example, more acquirer survey respondents are reporting portfolio compliance rates above 40 percent; however, there has also been a 23 percent increase in the number of merchant breach incidents since 2012.

“The latest acquirer survey reveals great opportunities for MSPs, including the ability to offer merchants risk-reducing tools as well as justification for being more aggressive in charging non-compliance fees,” said Susan Matt, CEO of payments consulting firm ThoughtKey, Inc., and longtime MAC committee member. “MSPs who seize these opportunities will achieve greater risk reduction overall, gain revenue and ensure merchant retention.”

The free survey report includes specific recommendations to help acquirers successfully engage their Level 4 merchants in the PCI compliance process. To access a copy of the survey report, please click here. An infographic highlighting key data points is also available here.

About the Survey

The ControlScan/MAC Third Annual Acquirers Survey was completed between October 20 and November 20, 2013 by 139 banks, processors and ISOs with Level 4 merchant portfolios ranging from less than 1,000 accounts to more than 50,000.

About ControlScan

Headquartered in Atlanta, Georgia, ControlScan delivers payment security and compliance solutions to a global network of merchant service providers and the small businesses they serve. The company’s innovative approach to secure hosted payment and PCI compliance solutions leverages technology, education and services to provide flexible options for its customers. Known for its thought leadership, ControlScan gives its customers a clear view of marketplace issues and trends so they can remain competitive. For more information, please visit ControlScan.com or call 1-800-825-3301.

About Merchant Acquirers’ Committee (MAC)

MAC is dedicated to providing banks, ISOs and card associations with universal risk management solutions through ongoing communication and cooperation among its membership. For more information on MAC's 2013 Conference and sponsors, visit www.macmember.org.

Contacts

ControlScan
Stacey Holleran, 678-279-2645
Sr. Public Relations Manager
sholleran@controlscan.com

Release Summary

2014 survey report by ControlScan and MAC gives the acquirer's perspective on Level 4 merchant PCI compliance, revealing trends and issues in helping small merchants with payment security.

Contacts

ControlScan
Stacey Holleran, 678-279-2645
Sr. Public Relations Manager
sholleran@controlscan.com