Keeping your online business inline with industry rules and regulations isn’t easy. It’s a time consuming, yearly process but one that is vital to staying in compliance. The annual Level 1 Payment Card Industry (PCI) Audit is the deepest dive that a group of outside security auditors will do on a payment system to be sure its secure. This weeklong, on-site audit is required for licensing in both the U.S. and the EU and can take a team up to an entire year to get ready. In Cathy’s latest XBIZ Column, she and Segpay’s IT Director share the top three ways to help narrow down what to focus on for the 2021 PCI Audit.
“Having processes like end-to-end monitoring and analytics, along with metrics and logs across the full stack, are extremely helpful to get a bird’s-eye view of what’s going on in your company,” said Segpay CEO Cathy Beardsley.
One of the most important things to work on is cyber security and protecting yourself. You must be proactive, not reactive especially mitigating issues before they have an impact on a business. Learn more about the steps you can take to protect the health and safety of your business in the full column here.
In May we talked about Europe’s revised Payment Services Directive (PSD2), what it means, and what Segpay is doing to ensure merchants are in compliance. With PSD2’s September 14th start date less than a month away, we thought this was a good time for an update on where things stand and what will change for Segpay merchants under these new EU regulations.
YNOT took a detailed look into content the major credit card brands deem acceptable (or not) for sites taking online payments, and how merchants often must balance free expression with the necessity of getting paid for their work. Segpay CEO Cathy Beardsley was interviewed for the piece and provided insight from the payment processor’s point of view:
Cathy’s latest XBIZ.com piece, Major Card Brands Roll Out New Changes, focuses on recent updates from Visa and Mastercard aimed at reducing chargebacks, while highlighting advances in the anti-chargeback tools at our disposal, including 3-D Secure 2.0 and Visa’s Merchant Purchase Inquiry program.
While rules are getting stricter, the tools we can use to fight chargebacks are stronger than ever…. (Visa) will allow processors supporting VMPI to respond to a bank inquiry almost immediately, ensuring it does not become a chargeback.
Last year Segpay was re-authorized as a Payment Institution in the UK, and, by extension, the EU as well. It’s an important designation that tells merchants that a processor adheres to stringent governmental regulations around payment and data security, as well as anti-money laundering (AML) and counter-terrorist financing laws. In the EU, payment processors who provide settlement to merchants require a license, highlighting the importance of demonstrating compliance with these laws to ensure funds are safe.
Please check out Cathy’s latest XBIZ piece, The Rocky Road of Regulations in 2018, in which she recaps the litany of new rules and other challenges our industry had to navigate during the past year. The good news: we’re all stronger for having gone through the process of dealing with everything that came at us in 2018.
When it comes to the content on our merchants’ websites, we are extremely open minded. However, the credit card brands – Visa and Mastercard in particular – have pretty specific guidelines about what is allowed and what isn’t. A big part of Segpay’s role is in making sure our merchants are staying in compliance with these guidelines. Cathy’s latest piece on XBIZ.com, Taming the World ‘Wild’ Web, discusses what you need to know about content guidelines to avoid fines.
One of our responsibilities as a biller is to scrutinize content on the websites where we process, because inappropriate content can lead to serious consequences with the card brands. Even not having enough content can be a problem – not because it leads to fines, but because it can be a predictor of chargebacks.