We recently reported that Sysnet’s Natasja Bolton, Senior Acquirer Support had contributed to the development of new payment resources to help small merchants and their banks defend against cybercrime. In this follow-up article we asked Natasja to elaborate further on what her role entailed and how she contributed to the development of this new vital resource.

Simple, easy to understand language

Getting started, Natasja outlines some of the key focusses of the taskforce. “The Small Merchant Taskforce was a wonderful opportunity, making the most of my Sysnet experience helping smaller businesses understand the payment card industry data security standard (PCI DSS).

I and the other Taskforce participants worked hard to make sure the resources avoided acronyms and industry terminology, we focussed on producing materials that use simple, easy to understand language and visuals. We wanted to make sure that the intended audience really felt, after reading the materials that they understood their security risks and the actions they could take.” Natasja explained.

Collaborating on guidance and resources

For those not so familiar with the Small Merchant Taskforce, it was formed by the PCI Security Standards Council in May 2015. The primary goal being to improve payment data security for small businesses by collaborating on guidance and resources that simplify data security and PCI Data Security Standard (PCI DSS).

“It has been very interesting to work with the Small Merchant Taskforce members, who represent all aspects of the card payment industry: the PCI Council, card brands, acquirers, vendors, assessors, small business and business/trade associations.

It has been a collaborative and supportive process and, as you would expect, there was much discussion and reviewing to achieve consensus on what worked best for the small business audience. My involvement was primarily reviewing draft content, providing feedback and suggesting content updates for the deliverables as they were being created and during our web conference calls.”

Natasja’s experience and knowledge played an important part in the taskforce. “Along with the other UK-based Taskforce contributors, one of my goals was to ensure that the payment systems described and diagrammed in the resources reflected the full range of payment channels and solutions globally. “

As a company, Sysnet strives to assist businesses and service providers in understanding and complying with the requirements of the PCI DSS. “I tried to bring our appreciation of the challenges many businesses face when it comes to PCI compliance to the discussions” Natasja explained. “I believe the Small Merchant Taskforce is the first time the PCI Council has engaged directly with merchants; they are very keen to make sure it is a success.

Unlike the acquirers or ISOs, the Council has no direct channel to engage with merchant businesses. Now that the materials are published, they are eager to make sure the materials get out to their intended audience”

Natasja concludes that the outputs of the taskforce are important for any business supporting small businesses in the payments industry, from acquiring clients to service providers with small businesses. “I really believe these materials can and will help small business reduce risks to payment card data.”

The full set of resources can be found on the PCI Council’s website here.