PCI 1-2-3

A simpler path to security for a small business

PCI 1-2-3: A Simpler Way to PCI Compliance

Why PCI 1-2-3

The thought of losing or compromising a shopper’s personal information is a critical concern for retailers. It makes shoppers reluctant to buy, which costs retailers business. It’s also a top issue for the credit card brands, which lose more than $1 billion a year to card fraud. The Payment Card Industry (PCI) Security Standards Council (an organization formed by the card brands) created the PCI Data Security Standards (DSS) to help merchants proactively protect customer account data.

Any merchant or service provider that stores, processes or transmits customer account data must comply with the PCI DSS controls and processes. If you don’t, you risk costly fines, audit costs, restrictions or worse should a breach occur.

Our Partner

Our partner, ControlScan, makes it easier to meet PCI requirements and protect your customers’ important information. ControlScan’s PCI 1-2-3 compliance solution, available online via a merchant portal called myControlScan.com, provides you with the leading tools and support necessary to analyze, remediate and validate PCI Compliance at an affordable rate.

Learn More About Achieving PCI Compliance

  • An intuitive, engaging user interface, with simplified SAQ questions that are presented in a logical order
  • Easy-to-understand help-text with pictures that clearly illustrate and explain key concepts
  • The ability to complete all or any part of the SAQ and apply responses to affiliate businesses
  • A faster SAQ completion and revalidation process, saving time and eliminating frustration
  • External vulnerability scans that check for cross-site scripting, SQL injection, remote file inclusion and many other application and network-based vulnerabilities
  • Scan reports that meet the Approved Scanning Vendor (ASV) Program Guide requirements
  • Vulnerabilities prioritized by severity
  • Detailed instructions for correcting identified problems
  • A set of custom security policies, powered by the Unified Compliance Framework (UCF), a leading provider of IT compliance, governance and regulatory content
  • Policy templates that are automatically generated based on the way you process payment cards, making it easy for you to comply with this specific PCI DSS requirement

On-demand security training, delivered in a non-technical, easy-to-consume manner, satisfies the PCI Data Security Standard (PCI DSS) security awareness requirement. Benefits include the following:

  • Equips you with a solution to combat the second leading cause of breaches, the mishandling of sensitive information; delivered via on-demand video or as a downloadable file
  • Allows you to satisfy the PCI DSS requirement for a formal security awareness program (and affirmatively answer the SAQ question, “Is a formal security awareness program in place to make all employees aware of the importance of cardholder data security?”)
  • Eliminates the need to purchase a costly security awareness training program from a third-party vendor

ControlScan’s support team is staffed by professionals with expertise in the PCI DSS. This team has years of experience working with small merchants. This deep knowledge of PCI and understanding of how small businesses operate allows ControlScan to provide you with clarification of the PCI Compliance requirements in terms that make sense to you. Support is available via telephone, email or online chat.
