Customer: AIB Merchant Services
Challenge: Enhance payment and data security for AIB Merchant Services’ customers
“From the information we had from merchants, it was clear that Sysnet.air was the ideal solution for our needs”
Andrew McCarroll, PCI Compliance Manager for AIB Merchant Services
Banking on superior data security
AIB Merchant Services is one of Ireland’s largest providers of payment solutions, with extensive operations in Ireland and Britain, and with card processing capabilities throughout continental Europe. They process millions of payments every day, and deal with every major credit and debit card accepting payments in every channel available. In a rapidly transforming industry, they remain at the cutting edge consistently providing superior customer service.
Their innovative new Clover™ system was awarded “Best Innovation” at the Card and Payments Awards 2015 and “Best Acquirer” at the 2017 MPE Awards. This is the third time in the past four years that AIBMS has scooped the coveted award. This prestigious accolade is awarded to the outstanding Acquirer who has developed an excellent acquiring service for customers throughout Europe.
A key part of AIB Merchant Services’ customer proposition offers enhanced security for payments data. In the last five years throughout the entire industry worldwide, there have been more than a billion data breaches, and 96 percent of these incidents were due to sub-standard payment practices. In this climate, it’s more important than ever that merchants have access to payment solutions that offer the best possible security in order to counter the fraud threat.
Complying with the latest standards
To ensure payments are secure and safe from data breaches, AIB Merchant Services is committed to supporting its merchant customers in complying with the rigorous requirements of the Payment Card Industry Data Security Standard (PCI DSS).
PCI DSS is an internationally renowned certification designed to assist businesses of all shapes and sizes in accepting card payments quickly and securely. To comply, organisations need to meet a number of requirements relating to the storage and transmission of card data during the transaction process in order to prevent data breaches.
Streamlining the PCI DSS process
The controls needed to comply with PCI DSS are extensive and complex. This burden, when combined with the other responsibilities of running a successful business, can be difficult for merchants to bear on their own.
When revamping its PCI DSS programme, AIB Merchant Services wanted to support its customers by streamlining the compliance process for low-risk merchants, with a new-look compliance portal. A key part of this was eliminating the need for merchants to fill in a Self-Assessment Questionnaire (SAQ) when they may not actually be required to, as well as reducing the scanning requirements for low-risk customers.
“We wanted to make the compliance reporting procedure as user-friendly as possible,” explained Andrew McCarroll, PCI Compliance Manager for AIB Merchant Services.
“This was crucial to create a more positive experience for our customers. Pre-populated forms and a fast-track path for merchants using certain products or terminal types are a must to help achieve these goals.”
In addition, AIB Merchant Services wanted to overhaul its protocols for communicating with merchants, transforming the language as well as the channels in order to improve customer engagement with communications material relating to PCI compliance.
Collaborating on the perfect system
AIB Merchant Services and Sysnet worked together to create the ideal programme to ensure merchants are fully protected and have the best possible payment experience. A representative sample of AIB Merchant Services’ customers was surveyed before work began to gauge the challenges and difficulties they experienced during the compliance process, so the two companies could take steps to build a better system.
“From the information we had from merchants, it was clear that Sysnet.air was the ideal solution for our needs,”
“The system offers a host of features designed to simplify the payment security process for users. Custom profiles for low-risk merchants streamline the PCI compliance process, while a fast-track approach for users of our Clover™ device removes the need for them to perform scans.”
To further simplify the payments process, Sysnet.air introduced security checklists to support merchants in properly securing their payment environments. The option of SAQ D was removed for online merchants, to further lighten the paperwork burden.
AIB Merchant Services’ communication procedures were transformed as well, with a new, down-to-earth tone of voice to make them easier to read, as well as clearly defined “next steps” for recipients so they can see straight away what – if any – action they need to take to maintain PCI compliance. A targeted campaign programme was also created, designed to engage specifically with non-compliant customers to encourage them to improve their payment controls.
A shorter, easier compliance journey
The new Sysnet.air system is now up and running, and AIB Merchant Services has already seen a significant improvement in its customers’ payment experience.
By stripping away unnecessary forms for Clover™, FDGL and Sage Pay merchants, and making it easier and quicker to accurately fill in the remaining documentation, the new system has significantly shortened the compliance journey for merchants. In doing so, it has helped to save them a considerable amount of time.
Risk has been significantly reduced for AIB Merchant Services. By fast-tracking customers deemed as being at little or no risk from data breaches, the organisation can devote more time and resources towards supporting the most vulnerable merchants in protecting their businesses.
In addition, Call Handling Time from the Sysnet helpdesk has been reduced by more than 50 per cent. “The response from our merchant customers on the new-look portal has been overwhelmingly positive,” added Andrew McCarroll, PCI Compliance Manager for AIB Merchant Services.
“Our customers now have a quick, straightforward tool that gives them all of the information they need to maintain optimum compliance with PCI DSS, freeing them up to devote more time to make their businesses a success.”
Following the success of the new Sysnet.air solution, AIB Merchant Services is now working with Sysnet to provide their merchant customers with a new managed security service, which is due to be launched in the next few months. This service will help merchants further strengthen their protections against cyber threats by identifying the most appropriate security tools for their particular business type and structure.
Established in 1989, Sysnet Global Solutions provides payment card industry, cyber security and compliance solutions that help businesses to improve security and acquiring organisations to reduce risk. Specialising in data security and PCI DSS compliance validation solutions, Sysnet offers a range of services, including its award-winning, proprietary, cyber security and compliance management solution Sysnet.air®, to a wide variety of businesses including acquirers, ISOs, international banks, payment service providers and merchants. Headquartered in Dublin, Ireland, Sysnet has clients in more than 55 countries worldwide.