Old 03-17-2008, 02:06 PM   #1 (permalink)
 
 
Status: Member
Join Date: Mar 2008
Location: Texas
Posts: 69
 cperry is a Junior Member



New Visa MC Compliance & potential fines??

Hi everyone!
We have a Yahoo store and use one of their authorized processors - FDMS.
I got an email today about a new Visa/MC compliance thing - and we must be compliant by mid-April. I called my processor and they said it was not a scam email - so I called the external compliance vendor. Basically, they set up quarterly "scans" of my office computer (and I guess the Solid Cactus call center since they take orders too??) to determine safety. If it falls below the safety standards of MC/Visa - (i.e. hackers might be able to get in) - we are given XYZ to fix it. If we are not compliant by mid-April or do not fix any of these "security scans" and have a fraudulent credit card incident - we are subject to huge fines. Apparently FDMS pays the "fee" for the service and I was charged this fee on my merchant statement at the end of 2007.
Anyone else heard of this?? Has the Solid Cactus call center heard of this? The email is below......
Carol

------------------
Thank you for choosing Express Merchant Processing Solutions for your merchant payment processing needs.

As a valued merchant of Express Merchant Processing Solutions, your transaction security is very important to us. To help prevent cardholder fraud and identity theft, Visa and MasterCard have established the Payment Card Industry (PCI) Data Security Standard. For information about these security programs please visit:

* Cardholder Information Security Program | Merchants | Visa USA
* MasterCard Site Data Protection Program Redirect
* www.pcisecuritystandards.org

Why am I getting this e-mail?

The PCI requirements now apply to ALL merchants, not just to businesses on the Internet. We are committed to helping you get the most value from your relationship with us and to help you protect yourself against cardholder fraud and identity theft. We are working together with SecurityMetrics, an approved PCI compliance security assessor, to help you become PCI compliant.

What do I need to do?

Your Annual Compliance Fee has already paid for the SecurityMetrics Site Certification PCI services. You are requested to resolve this by April 16, 2008, so please ACT NOW to understand your specific requirements and ensure your compliance.

All you need to do is contact SecurityMetrics at 800-557-4684. They'll help you with the rest! You may also contact them online at: Simplify PCI DSS Merchant Compliance - SecurityMetrics

SecurityMetrics is a certified assessor for Visa, MasterCard, American Express and Discover Card. They provide outstanding customer support and will work to help you satisfy your compliance needs. Their "Site Certification" program provides full merchant compliance and automatic reporting to Express Merchant Processing Solutions. Even if you have already met the requirements for PCI we need to update our records with your compliance information. To resolve your compliance status, please contact SecurityMetrics at 800-557-4684.

The Card Associations are very serious about data security...if you are compromised, the Association fines can range upwards to $500,000 per Association.

Because the need for PCI certification and compliance is an urgent matter, Express Merchant Processing Solutions may take adverse action against your account. This action may include but is not limited to establishing reserves on your account which can range upwards of $10,000 or more, if you do not comply with the requirements of the PCI DSS program.

How do I know this is not a scam?

To assist in validating this email, Express Merchant Processing Solutions has included information about PCI DSS Compliance on our website, YourMerchantInfo - PCI Compliance for Level 4 Merchants.

Please be sure to visit this website to learn about PCI DSS! You can get up-to-date information on PCI, including MasterCard's schedule of PCI educational webinars. You also have the ability to ENROLL directly with the SecurityMetrics Level 4 program by clicking on the ENROLL button found under the PCI Compliance topic.

If you are still concerned that this notice might be a scam, please call us at any time to validate this notice. You may also use your traditional contact information on your monthly, as well as refer to recent messages included in/on your statement.

Your participation in this program is very important and we appreciate your time and assistance.

Sincerely,

Express Merchant Processing Solutions


Old 03-17-2008, 05:29 PM   #2 (permalink)
Legacy User
 
Status: Guest
Posts: n/a



 

Chances are, after a little searching around, that your requirements extend to answering a questionnaire and registering as a Level 4 merchant.

I read through their site, and FDMS too.

Here's their site: SecurityMetrics Site Certification - Simplify PCI Merchant Compliance - SecurityMetrics

And then, FDMS provided information on their site as well (linked above). So it looks fairly easy for you to do. Just register, do the questionnaire and you should be all set.

Hope this helps...


Old 03-17-2008, 06:38 PM   #3 (permalink)
 
Status: Junior Member
Join Date: Mar 2008
Location: Orange County, CA
Posts: 3
 ltraylor is a Junior Member



PCI compliance

I got one of those scary sounding letters or e-mails last fall. We signed on with ScanAlert to provide our PCI Compliance verification and once we got through the initial set-up phase, it's been fairly painless. There is a comprehensive questionnaire to complete and I printed out some helpful guidelines for our employees (such as changing their internet access passwords every few months and ensuring we don't keep handwritten CVV codes on phone order sales). Quarterly, we get a reminder e-mail that we need to download a PDF report showing our compliant state.
__________________
Lisa Traylor
www.traylorpapers.com


Old 03-19-2008, 12:37 PM   #4 (permalink)
 
 
Status: Member
Join Date: Mar 2008
Location: Texas
Posts: 69
 cperry is a Junior Member



more ? on credit card compliancy

ok - good to know.
It just sounds so scary that the website is now responsible for security (vs Yahoo stores setup or the credit card) and we would get fined for someone scamming us...seems backwards and big brotherish. All for better security, but....

Another ?, some orders I process from my home office and some obviously from the Solid Cactus call center, we are small and only have contract employees so I usually process the credit card myself. Has anyone experienced this setup - or do you have to get the SC call center compliant as well?


Old 03-19-2008, 04:26 PM   #5 (permalink)
 
 
Status: Solid Cactus Administrator
Join Date: Feb 2008
Location: Shavertown, PA
Posts: 81
 john.dawe has disabled reputation

Hi Carol...

Why don't you send me an email with the particulars and I will find out all you need to know! Promise... I'll make sure we take good care of you!
__________________
---
John W. Dawe
Managing Editor, Ebiz Insider
Marketing Operations Manager
570-706-7039 | 888-361-9814 ext. 7039

Columnist:
eBiz Insider Tech Corner


Old 03-19-2008, 04:38 PM   #6 (permalink)
 
 
Status: Member
Join Date: Mar 2008
Location: Texas
Posts: 69
 cperry is a Junior Member




Just sent you an email - thanks Cindy!

