PCI Administration
The Samport SPECTER software also features a PCI DSS questionnaire function. The service is technically separated from the site scanning and is currently an additional feature in the system. This allows the merchants to complete the required self assessment questionnaire online. The acquiring bank will be able to manage all its merchants with little manual interference. As the merchant is uploaded in Samport SPECTER, an e-mail is automatically sent to the merchant with instructions to fill out the self assessment questionnaire. The merchant is routed to a web page through a link in the mail to a web page and the session starts. All questions are in accordance with PCI regulations. After the merchant has answered the questions, the status changes to “PCI status: Compliant”. All merchants are prompted to repeat the process on a yearly basis.
Each question is preceded by an explanation, eliminating the risk for misunderstandings as the questions are of a somewhat technical nature. The responder has the option of answering “no” to a question, in which case the merchant will be coded “PCI DSS not compliant”. This status remains until the merchant replies “yes” to all questions. There is also a “not applicable” option. However, it the merchant chooses the “not applicable” option, a comment is mandatory, i.e. the user cannot proceed to the next question without filling out the comment field.