SecurityMetrics TIN Matching Service Helps Avoid Catastrophic Consequences From Approaching U.S. Mandate

OREM, Utah (July 13, 2011) As the January 1, 2012 deadline quickly approaches, SecurityMetrics’ new TIN Matching Service helps payment processing entities recover and match the millions of merchant tax identification numbers (TIN) and legal business names not yet validated with Internal Revenue Service (IRS) records. All payment settlement entities are required to implement this federal mandate by the deadline, or initiate backup withholding of up to 28 percent of merchant payment card transactions until the issue is resolved. The likely attrition that may result from payment processors withholding 28 percent of merchant transactions is avoidable through the full service and cost-effective SecurityMetrics TIN Matching Service.

SecurityMetrics TIN Matching Service is a professional solution for payment processing entities that do not possess systems or resources to effectively and completely validate each merchant in their portfolio. An industry leader in merchant security and compliance, SecurityMetrics handles over 132,000 merchant calls per month and communicates with tens of thousands of merchants daily.

“Given there are only five months until the deadline, this federal regulation is an extremely urgent issue for acquirers and ISOs. We’ve worked with acquirers whose merchant TIN validations are 15 to 90 percent complete. The law requires 100 percent. Most merchant businesses can’t financially handle the federally-mandated 28 percent withholding of all credit card revenues,” said SecurityMetrics CEO Brad Caldwell. “The SecurityMetrics TIN Matching Service is designed to alleviate the pressure of reaching out to an entire portfolio and makes the IRS TIN validation process easy for any acquirer to implement.”

Five key features of the SecurityMetrics TIN Matching Service help merchant acquiring entities quickly meet the deadline while avoiding attrition and reducing workload.

1.      Real-Time Reporting- Payment settlement entities can view the results of their portfolio campaign in real-time using SecurityMetrics’ online Merchant Compliance Console.

2.      Flexible Communication- SecurityMetrics Communication Platform sends customized TIN email and fax notifications to merchants. If merchants don’t respond, SecurityMetrics’ trained call center staff proactively notifies them.

3.      Merchant Validation in Minutes- Merchants can go online to the SecutityMetrics website to validate or call SecurityMetrics call center, which can handle up to 7,000 merchants daily.

4.      Extended Data Collection- SecurityMetrics not only collects required merchant TIN data, but also researches and updates address, email and fax information.

5.      Proven Track Record- With more than 10 years of merchant validation experience, SecurityMetrics can quickly engage merchants to satisfy IRS TIN requirements.


Merchant response to the required 28% withholding of payment transactions is straightforward. “If my bank takes 28% of my revenue I will find someone else to serve my banking needs,” said O. Paul Thurston, President of Thurston Enterprise Inc.

IRS TIN matching originated from the Housing and Economic Recovery Act of 2008 mandated for the electronic payments industry and intended to assist the IRS to identify underreported sales. The law requires a merchant acquiring entity to annually collect and validate the TIN and legal business name associated with each merchant and requires 28% of merchant payment card transactions to be withheld until validation is complete.

Additional product, pricing, or purchasing information regarding SecurityMetrics TIN Matching Service is available by contacting SecurityMetrics Business Development at 801.995.6340 or accessing the SecurityMetrics TIN Matching website at

About SecurityMetrics

SecurityMetrics is a leading provider of merchant data security solutions, including a mass-merchant compliance model for the Payment Card Industry (PCI) Data Security Standard (DSS) that has assisted 750,000 small and mid-sized merchants in validating their PCI DSS compliance to date. The company is certified to perform PCI Scans (ASV), PCI audits (QSA), Payment Application Data Security Standards audits (PA-QSA), penetration tests and Payment Card Industry Forensic Investigator (PFI) assessments. SecurityMetrics also offers a security appliance that includes vulnerability assessment, intrusion detection and intrusion prevention capabilities. For more information, contact SecurityMetrics at 801.724.9600 in North America, 0207.993.8030 in Europe, 61.2.8011.3270 in Australia, or visit

More News