Sysnet survey finds small merchant PCI compliance lagging

A recent merchant acquirer survey by Sysnet Global Solutions revealed that overall small merchants are not effectively engaging in PCI compliance programs. Among those surveyed, higher merchant PCI compliance rates remain a top priority, with most targeting 70 percent as the minimum compliance rate, and more than 15 percent aiming for 90 percent or higher PCI compliance rates within their merchant portfolios.

"We conducted this survey to put some structure on the many conversations we have had with acquiring organizations who feel they're fighting a losing battle when it comes to getting smaller businesses secure and compliant," said Gabriel Moynagh, CEO at Sysnet.

To overcome the challenges identified within the small merchant category, which include lack of knowledge, urgency and time to dedicate to PCI compliance, acquirers surveyed plan to deploy strategies to lift compliance rates in the future. Seventy-six percent plan to increase merchant communications, while 72 percent were equally dedicated to merchant education, and increased participation in managed security and compliance programs.

Non-compliance fees not enough

A number of acquirers queried said that non-compliance fees, originally implemented to encourage participation in PCI programs, have been ineffective. "PCI non-compliance fees seem like a good idea to prompt smaller businesses to take action, but the real problem is that they just don't have the knowledge, time or resources to get and maintain compliance," Moynagh stated.

In fact, 56 percent of the acquirers surveyed do not believe non-compliance fees drive compliance, and most agreed that the industry needs to wean itself off non-compliance revenue, which most cited as a significant contributory factor in merchant attrition.

Forty-four percent of those surveyed felt that non-compliance fees damaged their brand as an acquirer, and nearly all agreed they must do more to provide small merchant offerings to assist merchants in securing data and improve PCI compliance rates.

"It is likely that PCI compliance will continue to evolve over the next five years, and it's important for us to continue to develop and grow our SME offering by adding new value to our payment solutions," said Wally Mlynarski, Chief Product Officer at Elavon Inc., whose firm partnered with Sysnet to provide managed PCI compliance and cybersecurity tools to merchants that are easy to implement.

"We've always looked for ways to improve the self-assessment process for smaller merchants, and have concluded that what those businesses really need is help," said Moynagh. "Our managed compliance and security solution, Proactive Data Security (PDS), not only helps merchants complete the compliance process, it also identifies and installs the security tools necessary to protect the business."

To view the full report and survey results, visit wwwv.sysnetgs.com/pci-sentiment-survey-ebook .

Editor's Note:

The Green Sheet Inc. is now a proud affiliate of Bankcard Life, a premier community that provides industry-leading training and resources for payment professionals. Click here for more information.

Notice to readers: These are archived articles. Contact names or information may be out of date. We regret any inconvenience.