Executive Profile Series with Stephen Price from E-Complish

by Stephen Price 0

How did you get in to the PCI compliance industry?

We started out in the Debt Collection industry that evolved into automation of payments. We are a Payment Service Provider that is required to be PCI Compliant.

What are the main difficulties that companies face when it comes to PCI compliance?

Cost and Time. An average PCI Compliance Assessment takes more than 200 working man hours and is constant. Meaning there is no break in checking and re-checking your systems.

How does E-Complish help to address these difficulties?

We outsource the PCI Compliance needs to our Level 1 PCI Compliant servers. In essence by using E-Compish, we eliminate the need for our clients to keep up with the compliance, time and cost associated with PCI Compliance.

What is the best way for companies to stay up to date on the various PCI compliance changes?

We would recommend https://www.pcisecuritystandards.org/merchants/ and https://www.pcisecuritystandards.org.

How does E-Complish stand out from competitors?

Our philosophy is simple. Help businesses find the problems in their payment processes and design exactly what they need to fix those problems.

We call it a “customized vested solution.”

Customized

Our solutions look, feel, and sound like our clients. We don’t give our clients a list of pre-determined things we can do and tell them to pick one. We help them find out what they need and then build a new solution that perfectly meets their needs. We encourage our clients to think outside of the box. Give us a challenge. We love doing new things.

Vested

Instead of setup and maintenance fees, we use a transaction fee model. This approach puts the onus on us to develop the highest quality products that produce the best results for our clients. If you don’t get paid, we don’t get paid. We are mutually vested in the end result.

Solution

We set out to create payment systems that ensure the highest levels of security, availability, and flexibility. Our long-standing relationships with our clients are a testament to our dedication to service and innovation. In fact, we still manage and process payments for our very first client 15 years later.

How has PCI compliance evolved over the years?

We have seen more emphasis on POS (Point of Sale systems) and Mobile Devices. In addition, the newest version, 3.0, requires an additional 150-175 items of evidence requirements. On top of that, we have seen more emphasis on the tracking of transactions from consumer, to servers, to processor and back. Since the Target breach, the PCI DSS Counsel wants all processors to be able to track all transactions from start to finish or vice versa.

What do you see coming over the horizon, in the PCI compliance industry, that financial institutions should be looking for?

We foresee the need for biometrics and Dual Factor Authentication before a credit card charge is processed. There will be a need to require a standard for these new forms of identity and validation, along with verification that both the Banks and Processors are able to demonstrate.