Eliminating PCI DSS non-compliance in the paytech market.

Founded in 1989 as an IT services company, Dublin-based Sysnet Global Solutions has evolved over 30 years to meet new challenges and client demands, and today has carved out an enviably successful niche in the cybersecurity and compliance space.

Gabriel Moynagh, Sysnet’s CEO, joined his father’s company in 2004 and remembers coming across the new Payment Card Industry Data Security Standard (PCI DSS) regulation, which helps businesses to protect their customers’ payment information, and seeing an opportunity to provide clients with compliance auditing.

“At that time, we were one of only a few companies in Europe, and the first in Ireland, that had the right credentials from Visa and Mastercard to be able to audit big companies that were storing or transmitting credit card data. So as well as doing their information security we could audit companies against PCI DSS,” says Moynagh.

Sysnet responds to the compliance challenge

Since then, as the volume of credit card transactions globally has increased, so too has the focus on cybersecurity and the pressure on businesses, even the smallest, to ensure compliance with the PCI DSS.

“For small businesses, reporting PCI DSS compliance can be confusing and time-consuming and many default to paying monthly fines imposed by their banks rather than tackle the technical detail,” explains Moynagh. “At the same time it’s a logistical nightmare for the acquiring organisations to ensure that all their merchants are compliant; moreover, the revenue they accrue from fines sits badly with them.”

It was a problem that prompted Sysnet to create its hugely successful Sysnet.air portal, supported by a best-in–class contact centre, which enables acquiring organisations to manage the security and compliance of their self-assessed merchants against the PCI DSS. It’s the most advanced solution in the industry, offering both self serve and managed service options. The latter, called Proactive Data Security (PDS), is now driving the company’s rapid growth.

“PDS is a white-label service that reaches out to small businesses that have been fined for PCI DSS non-compliance,” says Moynagh. “Our security agents call the merchant, profile the business, complete their PCI assessment and discuss their data security. We then provide cybersecurity tools to the business, and all for less cost than the monthly fines.”

Representing the brands of some of the world’s top banks is something Sysnet has embraced wholeheartedly.

“We work hard in terms of how we speak to the merchants, and the look and feel of the portal interface, so that the merchant’s perception is that they are getting this experience from their bank. They get a great product and service from us and the bank gets the credit for it. That’s what we want,” adds Moynagh.

Delivering for three million businesses worldwide

Sysnet now employs over 400 staff and has customers in 60 countries. Almost three million businesses globally use its services to manage their compliance and security. In the last 10 years, the company has cornered the market in the UK and now works with all major acquiring banks there. Sysnet also has a fast-growing market in Germany, where it is working with market leader Concardis, and First Data, for which it also provides a service in the Netherlands.

“The US is our fastest-growing market. Three of the top US banks work with us and we’re optimistic about securing the others. We’re definitely the leader in this space and are planning to have around 200 staff there by the end of next year. We’re also doing well in Canada and have leads in Australia and Asia,” says Moynagh.

US company Elavon, one of the top five global payment providers, is one of Sysnet’s satisfied customers. Appreciating Sysnet’s focus on helping smaller businesses get secure and compliant, in 2017 it migrated its entire PCI level 4 customer base to Sysnet.air.

Wally Mlynarski, former Chief Product Officer at Elavon, says: “We wanted to offer more value to our customers, giving them more choice when it came to PCI compliance and cybersecurity. Our smaller customers needed the option of a managed service with security tools that are easy to purchase and deploy. We’re extremely happy with the service provided by Sysnet.”

A collaboration with Lloyds Bank Cardnet won Sysnet a PCI Excellence 2019 award for reducing the number of small businesses incurring non-compliance fines. Additionally, Lloyds Bank Cardnet was also shortlisted alongside another client, Barclaycard Payment Solutions,  in this year’s Cards and Payments Awards.

Sysnet’s expertise has won them a seat at the prestigious PCI SSC’s Global Executive Assessor Roundtable, a regulatory body comprised of the world’s five biggest card payment providers. “To be chosen from the thousands of companies in the paytech sector is a real privilege,” he admits.

Market makers

Sysnet has benefitted from Enterprise Ireland’s R&D grants for developing PDS, and Moynagh also took part in the agency’s Leadership for Growth programme. “I really think that a large part of our growth over the last few years has been down to what I learnt on that course,” says Moynagh.

As the first company in the world to offer small businesses a managed security and compliance service at a low price point, Sysnet has effectively created a new market.

“When we work with small businesses we really want to help them get into better shape in terms of cyber security,” says Moynagh.  “Looking ahead, we’d love all our existing customers to be using PDS so that we can help eliminate non-compliance in the market.”