With the PCI Security Standard continually evolving and new threats always emerging, merchants are finding that achieving and managing compliance is more costly, more time-consuming, and more resource-intensive than anticipated. As recent breaches have proven, even merchants that achieve compliance are finding that PCI compliance management does not equal security.
For these reasons, merchants are turning to Braintree. Our unique solutions prevent credit card data from entering a merchant environment without changing the user experience and offer merchants full control over the data. The scope of PCI Compliance is significantly reduced and no credit card data is present to be stolen. We don’t just solve PCI Compliance problems, we make them go away.
By using our Transparent Redirect (TR) and Vault, merchants can achieve PCI Compliance in days. TR and the Vault will eliminate the handling, processing or storing of credit card data so you can qualify for the Self Assessment Questionnaire A, the shortest of the four SAQs. Download this pre-filled SAQ A version 1.2, completed as if you had our solutions implemented. You'll need to work with a Qualified Security Assessor to verify your qualification with this version of the SAQ.
Note: if you are taking phone orders and entering the credit card information into our web console, you'll need to use the slightly longer SAQ C. A QSA can help you navigate these types of scenarios to make sure you're using the appropriate SAQ.
| | With Braintree | In House Approach |
| --- | --- | --- |
| Time to become PCI compliant | As few as 5 days | 6 to 18 months |
| PCI DSS Controls to meet | Less than 20 | Over 200 |
| Assessment costs to determine ‘scope’ | $0 | $44,000 to $125,000* |
| Hardware/Software upgrades | $0 | $81,000 to $568,000* |
| Ongoing expenses | Fixed | Variable |
* Gartner estimates for merchant Levels 1-3
