PCI Compliance

What is PCI?

PCI is an acronym for Payment Card Industry. PCI Compliance is a requirement for any merchant that accepts credit cards.

Every merchant is required annual to complete an SAQ (Self Assessment Questionaire) attesting to their compliance. Fees for this service are all over the board. Corduro takes the approach that if you use us as a provider and store all your information with us then we take care of all this for you.

Free Approach to PCI DSS Compliance: Why Pay For It?

Corduro makes virtually all of your PCI Compliance concerns go away.  Our approach to eliminating your problems is to eliminate card data from your environment. This still gives your customers the desired experience while giving you control over the desired information.  With Corduro, the scope of PCI Compliance is significantly reduced and no credit card data is maintained on your systems.

Save Time, Money and Precious Human Capital.

Companies can’t afford to pour their profits back into this ever changing business requirement. Using Corduro actually improves your bottom line by eliminating expenses associated with infrastructure, technology and manpower.

Simplify an Otherwise Complex Issue.

There are four self assessment questionnaires (SAQ) to help businesses match their level of complexity to the standards.  The SAQ A is the shortest version with the least amount of items to address.  With Corduro, merchants qualify for the SAQ A.  We even help our merchants complete the surveys.

Achieve PCI Compliance Quickly.

Corduro’s platform and Vault eliminate the handling, processing or storing credit card data so you can qualify for the Self Assessment Questionnaire A.

Boost Customer Confidence.

With the Corduro safe and secure seal, your customers have confidence that their transactions are protected to the highest level of security standards.  Place the “Safe & Secure” seal on your website and customers can click on it for more detail on the standards that are being met during every transaction.

Encryption of Data.

Corduro is  leading the  industry by using hardware encryption to securely store your sensitive data. Others use the less secure method of software encryption for storing  sensitive data.

Compare Corduro to Other Solutions.

Critical Concern With Corduro In House Approach With Other Companies
Time to become PC compliant Less than 30 days 6 to 18 months 4 to 12 months
PCI DSS controls to meet (SAQ A clients) Less than 15 Over 200 Over 200
Manpower costs / Scope costs $0 $50,000 to $250,000 $50,000 to $500,000
Hardware/Software upgrade expense $0 $75,000 to $350,000 $100,000 to $500,000+
Ongoing expenses (maintenance / personnel) Fixed Variable and increasing Variable and increasing

Credit Card Vault and Tokenization:

When using Corduro to vault your sensitive data, you’re provided a token that allow you access to charge a vaulted card by presenting the valid token.  The sensitive credit card data is never on your system.  Think of it as the safe deposit boxes at your bank.  Each box represents the card data, and you have to present a valid key (token) to open the box.

We work directly with you  to create your own token or we can generate one for you.  The capability exists for multiple credit card storage per customer in the vault.  During the initial scope of the process we work with you to determine any other information for us to vault in addition to sensitive card data.  This includes customized fields.

Summary of Benefits:

Increased Data Security: No cardholder data is entered or stored in the merchant’s environment, thus no capability of a compromise or breach.

Business as normal: All existing channels of payment acceptance remain in tact – internet, phone, mail, terminal, POS, etc.

Customer experience: Your brand remains in tact, your customers maintain the same experience.

Easy Integration: We make the process easy and efficient.