[Service Provider Case Study >>]

Merchant Case Study

This Level 1 merchant is one of the fastest growing businesses in the U.S. They sell nutritional products through a vast network of distributors worldwide and have been doubling in size every 12-18 months. As expected with this rate of expansion, they were experiencing considerable growing pains.

Challenges:

  • PCI Compliance – This merchant determined that obtaining compliance internally would be a major undertaking and a costly distraction from their core business. With the PCI Standard continually evolving and new threats always emerging, they concluded that an internal compliance approach would cost more and consume more resources and time than they could anticipate. They were also concerned that even when compliant, they would still have millions of credit card numbers sitting on their internal servers, vulnerable to attack.
  • Service & Support – Existing payment processing vendors were unable to resolve outstanding processing challenges or provide the flexibility needed to help address the unique challenges they were facing.
  • Technology Limitations – Daily batches for recurring billing took hours to process, unnecessary transaction errors were affecting revenue generation and other limitations were taxing IT resources.

After an intense vetting process, Braintree was selected as their key payment processing partner. Leveraging Braintree’s dedicated integration team, the merchant was up and running within 30 days. In the first few months, a few critical objectives were achieved:

Solutions:

PCI Compliance – by using Braintree’s solutions, the merchant was able to reduce PCI Scope to fewer than 20 controls from the standard 250, making compliance achievable within 90 days. There was no change to user experience and the merchant retained full control and functionality of the credit card data.

  • Step 1: Environment Cleansing – One of the first tasks was to import all the credit card data in the merchants environment it into Braintree’s Vault – creating a single repository for all sensitive data and transaction history. Most importantly, no credit card data was left present in the merchant environment to be stolen.
  • Step 2: Preventing Entrance of Credit Card Data – After cleaning the environment, the next step was to prevent credit card data from entering again without changing the user experience or internal processes. Using Braintree’s Transparent Redirect, the merchant was able to continue to use their website, phone and in-store acceptance channels without ‘handling, processing, or storing’ any credit card data.

Service & Support – In the merchant’s own words, Braintree was their single most responsive and helpful partner, always going above and beyond what was expected.

Processing Improvements – Daily batch processing time for recurring billing was reduced by over 90%, transaction errors were eliminated and system customizations enhanced revenue generation.

PCI Video
Featured Customers
Podcast
Quick Guides
White Paper
Example of what the PCI Compliance Self Assessment would look like using Braintree's solutions.