The client is an outsourcing and operations management company that specializes in providing a business platform for Non-Profit organizations in the US to collect and process donations.
Product:
The client developed an in-house product, which is a web-based donation tool designed to streamline all collection, fundraising, and communication activities for non-profit organizations. This tool features a customizable interface that offers online giving options, a popular method among donors, and provides a range of powerful fundraising tools at their disposal.
Features of tool include:
Live streaming for events, mobile applications, options for pledging and recurring donations, text-to-give features, automatic credit card updates, comprehensive reporting, efficient record and information management, a communication portal, dedicated customer support, secure custom donation pages, mobile card readers, ticket selling features, crowdfunding capabilities, integrated accounting tools, real-time analytics and reports, donor-directed payment scheduling, and custom marketing materials.
The Challenge:
The firm encountered challenges in achieving PCI DSS compliance due to the involvement of multiple vendors and the complexities of merchant management within the fundraising solution/platform it offers to non-profit organizations.
The Solution:
- The Panacea Infosec team took a strategic approach to the project, implementing a strict regime for joint vendor validation.
- They recommended the implementation of tokenization to minimize the PCI DSS scope, mitigate risk environments, and ease merchant management responsibilities.
- The team successfully obtained certification in a record time of 2 months, managing to classify almost all merchants under the SAQ-A category, indicating a streamlined and simplified compliance process.