Chesapeake Payment Systems Achieves Merchant Portfolio Compliance Goals with ControlScan

Helpful tools, responsive service and simplified security make ControlScan a preferred partner.

Success Story: How ControlScan and Chesapeake Payment Systems Collaborated to Achieve a Mid-90s Portfolio Compliance Rate

Chesapeake Payment Systems PCI Compliance SuccessChesapeake Payment Systems, the merchant services division of Chesapeake Bank, offers processing solutions and loyalty programs for merchants as well as partner programs for agents, ISOs and ISVs. By making sure to always do right by their customers, Chesapeake has maintained the essence of a community bank, even as the bank has grown.

The company has merchant customers nationwide, big and small, that appreciate the personalized attention they’re able to get with Chesapeake. Part of that relationship based service model includes helping each merchant protect their business and payment processes from data thieves.

The Challenge: Engaging Merchants in Security and Compliance

A critical component of assisting merchants is keeping them secure, and this starts with ensuring they are PCI compliant. Achieving and maintaining compliance with the Payment Card Industry Data Security Standard (PCI DSS) gives merchants a baseline level of protection against payment card data thieves. In addition, a high compliance rate among its merchant customers reduces the business risk Chesapeake takes on by providing payment processing services.

“We want to make sure our customers are in the safest environment possible when it comes to credit card processing,” says George Malesky, VP of Sales Operations for Chesapeake Payment Systems. “To do this, we have to accept the challenge of educating and informing our merchants about effective payment security and compliance.”

Chesapeake set a goal to achieve the highest possible merchant portfolio compliance rate. To make this happen, they needed a partner that could build on their customer-centric approach and help drive merchants to action.

The ControlScan Solution Part I: PCI Program

Chesapeake Payment Systems wants a compliant merchant that understands the various risks of taking credit card payments. The company works to forge a relationship with each of its merchants, educating them on how to protect their business.

To deliver the right tools for the job, Chesapeake has partnered with ControlScan for its robust PCI compliance partnership program. The SecureEdge platform is a key program component, providing a single point of access and interaction with compliance validation tools and corresponding security services, as well as connectivity with ControlScan compliance experts.

Through the ControlScan program, Chesapeake can fully manage its merchants’ compliance journey down to the merchant-by-merchant level:

  • Automated vulnerability scans are scheduled to run every 60 days in order to fully remediate any issues by the 90 day mark.
  • Monthly validation reports alert Chesapeake to merchants that are approaching their compliance renewal date, so they can proactively reach out to assist.
  • Merchants progress through the Self Assessment Questionnaire (SAQ) in record time, due to its streamlined layout and in context help options. And if nothing’s changed, revalidation is a breeze.

The ControlScan Solution Part II: UTM Firewall

Providing merchants with a reliable, PCI-compliant firewall is another way Chesapeake Payment Systems is maximizing its relationship with ControlScan. A basic reseller agreement gives Chesapeake the technology it needs to further secure its merchants’ payment transactions while helping them satisfy compliance with the very first requirement of the PCI DSS: "Install and maintain a firewall configuration to protect cardholder data.”

The ControlScan PaySafe UTM firewall is an ideal solution for Chesapeake and its merchants because it is simple to install and provides continuous protection against security threats coming from the Internet.

Joe Mayfield, Merchant Technology Specialist at Chesapeake Payment Systems, is responsible for installing the PaySafe UTM firewall at merchant locations. “Following install, while still at the merchant location, we like to grab the opportunity to also walk them through the SAQ,” says Mayfield.

"The partnership is going to continue to grow because our companies share a mutual belief in helping out customers and protecting them. ControlScan helps secure our merchants, but they also help secure us and support our reputation in the marketplace.” - George Malesky, Chesapeake Payment Systems

The Result: A Mid-90s Portfolio Compliance Rate

The partnership between ControlScan and Chesapeake Payment Systems has helped the bank meet its goal of strong merchant PCI compliance. “ControlScan has provided professional, dedicated service and the right tools to help us reach our goals,” says Erin Johnston, Direct Program Manager and Assistant Vice President, Chesapeake Payment Systems. “Our overall portfolio compliance rate for our merchants started out in the 60s, and now it is in the mid-90s.”

The Chesapeake team feels good that they are doing what’s right for their merchants, and a below-average attrition rate proves that their merchants also appreciate the relationship. “Our merchants understand that PCI compliance is more than checking a box or paying a fee; that it’s a critical part of maintaining a healthy business,” Johnston adds.

Due to these partnership successes, the future of the Chesapeake-ControlScan relationship looks bright. According to Malesky, “The partnership is going to continue to grow because our companies share a mutual belief in helping out customers and protecting them. ControlScan helps secure our merchants, but they also help secure us and support our reputation in the marketplace.”

Download Success Story