No two PCI solution providers are the same. If you want to work with a fully hosted solution provider who makes PCI DSS compliance as smooth and simple as possible (who doesn’t?), you’ll need to ask the right questions at the fact-finding stage and pay close attention to what is (and isn’t) being said to ensure the proposed solution is fully fit-for-purpose.
Choose wrong and you could find yourself with a system which requires just as much time and effort as taking care of PCI compliance in house.
Tailored PCI Solutions are Always Best
One size certainly does not fit all when it comes to compliance. Although most of the secure payment solutions currently available are built upon similar technology and functionality, it’s how the solution provider manages the project and deploys the solution in your contact center that can make a big difference to your business.
While some businesses are wholly focused on e-commerce, some might only process payments over the phone, and a hybrid payment model could add another layer of complexity. Will your PCI solution provider take the time to understand your specific requirements and tailor the best solution to meet your needs and minimize disruption, or will they simply recommend an off-the-peg product that means you’ll need to change the way your contact center operates?
Factors that could affect the PCI solution include:
- Size of the business
- Number of transactions processed
- Internal processes and best practice
- Hosted or on-premises
- Payment gateways used
- Other service providers
A good PCI solution provider will always work with you to find the best solution that’s built around your contact center, rather than vice versa.
How to Choose Your PCI Solution Provider
To ensure you select a solution provider who will stand you in good stead, make sure your prospective partner has a thorough understanding of your business and is able to demonstrate how the proposed solution has been tailored to meet your individual requirements.
While some providers only offer impractical one-size-fits-all solutions, the best providers will design a solution and operational deployment plan that will ensure maximum convenience and minimal disruption to your business – and won’t require you to change your internal systems and processes.
Basic Checks to Perform
Before you sign a contract with a third party PCI compliance supplier, it’s always wise to carry out a couple of basic checks to ensure you’ll receive the solution and service you’re expecting.
Firstly, make sure the supplier offers scalable solutions that integrate with all payment gateways, major cloud carrier platforms and leading phone vendor systems. And secondly, ask to see proof of their PCI SSC accreditation. We believe Level 1 PCI DSS certification is the only standard you should consider, but not all of our competitors share this view.
At PCI Pal, we work with merchants, contact centers and other enterprises to build secure payment cloud solutions which work for your business not against it. Experienced, flexible, pragmatic and transparent, contact our expert team today for specific recommendations that meet the individual PCI compliance needs of your business.