Liaison Technologies announced the Liaison Protect Tokenization-as-a-Service (TaaS™) cardholder data environment successfully passed a PCI-DSS 2.0 audit and other major payment card association security requirements related to the protection of cardholder data. Through Trustwave. The cardholder data environment consists of the perimeter and internal firewalls, the Liaison Protect Token Manager application, the production VLAN, the Web VLAN and the VzCaaS Management VLAN. The PCI requirements are comprised of VISA’s Cardholder Information Security Program (CISP) and MasterCard’s Site Data Protection (SDP) program, as well as Discover’s (DISC) and American Express’s Data Security Operating Policies. The Liaison ‘Format Preserving Tokenization’ offers on-premise and as a managed service in the cloud, giving customers a choice on how to tokenize any type of confidential information, including credit card numbers.
Electronic Payment Exchange (EPX) payment processor, featuring payment data tokenization, announced PCI-DSS Tokenization Guidelines released on August 12 affirm that EPX’s free, outsourced tokenization solutions can eliminate the scope of PCI compliance for merchants. As a global payment processing organization providing hosted services that use both tokenization and end-to-end encryption, EPX enables merchants to eliminate cardholder data storage, processing, and transmission by outsourcing their payment processing and the related storage of cardholder data. Using encrypting cardholder data reading devices at the point of swipe, EPX prevents merchants from possessing unencrypted cardholder data at the initiation of a transaction.
Sprint has launched its Biz360 TV and print campaign, featuring the Blue Bamboo P25-M card reader and printer, distributed by Aircharge (www.aircharge.com), as part of its business on-the-go suite of products integrated with smart phones for mobile transaction processing. RedFin Network is a payment solutions provider, operating a Payment Gateway used to perform Secure Electronic Payment Processing.
Electronic Payment Exchange (EPX) full-service payment processor has embarked on the P2P payments market, having completed the Visa certification for processing Visa Personal Payment transactions, through which EPX can now facilitate person-to-person payments. Visa Personal Payment transactions eliminate the inefficiencies of cash and checks for payments between individuals by enabling Visa cardholders to send person-to-person payments to a recipient’s Visa account or personal bank account. Through Visa and participating financial institutions, cardholders and the financial institutions’ customers can direct payment from their respective Visa accounts or personal bank accounts via an Internet-connected device or mobile phone.
Voxeo IVR and VoIP platforms and services has received third-party certification of compliance to the PCI-DSS version 2.0. As a PCI-compliant service provider, Voxeo’s customers can have the assurance that sensitive credit card information being processed is protected against fraud and that their most critical data in the Voxeo cloud is secure. To be in compliance with this standard, it means all of Voxeo’s Internet connections, assigned IP addresses, and all Internet connected servers (Web, email, DNS, etc.) have no level 3, 4 or 5 severity vulnerabilities in their most recent security audit.
IT Governance Publishing announced that the PCI DSS v2.0-compliant version of the established PCI DSS Toolkit is meeting increased demand as compliance pressure on merchants mounts. Banks are increasingly pressuring merchants, who accept payment cards, to get themselves PCI DSS compliant. ITGP upgraded its existing toolkit to reflect the revised requirements of PCI DSS v2.0 in October 2010 and, since then, the Toolkit has been helping a steady stream of smaller e-commerce merchants and service providers to become PCI compliant. The PCI DSS Documentation Toolkit v2.0 is specifically designed to help payment card-accepting organisations quickly create all the documentation required to affirmatively answer the requirements of the PCI DSS Standard as set out in the Self Assessment Questionnaire (v2.0).
Karl A. Towns has been appointed executive VP with Electronic Payment Exchange (EPX) payment processing services. Bringing with him more than 25 years of
experience in banking operations, financial services, and executive management, he will direct and grow EPXâs banking alliance strategy, primarily by
increasing EPXâs customer base and revenues through profitable partnerships with financial institutions. Towns is a graduate of the ABA Stonier Graduate
School of Banking, has worked closely with the Federal Deposit Insurance Corporation (FDIC) to ensure compliance and enforce policies in the electronic
banking industry, is an educational advocate for children with autism and is a former member of the Philadelphia African American Chamber of Commerce.
USA Technologies wireless non-cash transaction network throughout its 1Q
ended September 30 processed for its customers nearly 14 million
transactions for a total of $24.5 million, up year-over-year 89% and 68%
respectively. The Company also has slightly over 1,200 customers
connected to its ePort Connect Service, up from the 1050 in the quarter
ended June 30, for which it is expanding feature set and functionality.
Improved functions are to include faster transaction times; more
efficient transfer of customers’ operational, or DEX (Data Exchange)
data, over the ePort Connect network; improved efficiency and
versatility of the USALive online reporting function through increased
speed and the ability for customers to create and automate custom
reports from their own locations; increased server capacity to enable
continued expansion; and an online ordering and contracts system for
faster and more convenient processing of orders and contracts. This comes
on the heals of the latest reports disclosing the Company saw an August
2010 small-ticket transaction volume of $8.3 million, putting the Company
on an annualized run rate of approximately $100 million. This is an increase
of 72% versus August 2009 through its ePort cashless payment systems for
vending machines, kiosks and other unattended POS terminals while total
transactions processed hit 4.6 million, an increase of 98% over total
transactions processed in August 2009. On September 2, 2010 USA Tech reached
a record of over 200,000 transactions processed in a single day on its ePort
Connect Service through its nearly 82,000 connections on its service versus
52,000 connections as of June 30. With this momentum, the hopes to have
100,000 devices connected to its network by December 31 for a positive
EBITDA(CF Library 2010/09/14).
TrustCash Holdings is compliant with the PCI scan validation requirements. PCI compliance
signifies network devices are compliant with the remote vulnerability
audit requirements of the Payment Card Industry Data Security Standard
(PCI-DSS), Visa USA’s Cardholder Information Security Program (CISP),
Visa International’s Account Information Security (AIS) program,
MasterCard International’s Site Data Protection (SDP) program, the
American Express Data Security Standards (DSS), and Discover Card’s DISC.
The TrustCash platform is a comprehensive online
payment processing system that provides merchants with open
access, PCI compliant payment processing.
Electronic payment consultants Global Vision Group has tapped Marc Perl, previously with Visa, as Senior Consultant in the Business and Risk Strategy Practice. Perl is an electronic payments industry expert with over 30 years of experience in risk management, processing, encryption and software development. Prior to joining GVGroup, Marc spent 20 years at Visa Inc. where he developed and managed the Cardholder Information Security Program (CISP) for the Payment Card Industry Data Security Standard (PCI DSS). In addition to Marcâs work on PCI-DSS at Visa, he also managed Visaâs Integrated Debit platform and designed, managed and implemented Visaâs Integrated Debit PIN encryption technology known as Derived Unique Key Per Transaction (DUKPT). Prior to Visa, Perl spent four years at the Bank of America developing bankcard solutions and has consulted to organizations as varied as Jet Propulsion Laboratories to Total Systems Acquiring Solutions and others.
Electronic Payment Exchange welcomes the release of Visa’s data field encryption best
practices. Visa established five key implementation
objectives for payment providers who deploy end-to-end encryption:
limiting the availability of cleartext cardholder and authentication
data; using robust key management solutions that are consistent with
international standards; using key lengths and cryptographic algorithms
that are consistent with international standards; protecting
cryptographic devices from physical/logical compromises; and using
alternate identifiers for business processes that require the account
number after authorization. Using encrypted card readers with the “EPX BuyerWall” solution satisfies
the Visaâs objectives and provides strong protection for merchants
against potential data breaches.
no single technology can completely solve for fraud.
EPXâs solution uses both end-to-end encryption to encrypt card data from
the point of sale, and tokenization on the back end of the transaction
Encryption at the card reader protects merchants against potential
breaches before card numbers even leave the swipe for authorization. “EPX
BuyerWall” tokenization replaces account numbers with values that are
meaningless to would-be thieves and cannot be reverse-engineered to
reveal the card numbers.
Payment solution provider Electronic Payment Exchange and healthcare
payment solution provider ClaimLogic have partnered to provide
PCI-compliant credit card processing services. ClaimLogic’s suite of
all-payer claims and payment products is installed in practices ranging
from the largest academic medical centers and multi-physician groups, to
the small- to mid-sized medical practices in the USA. Their web native
applications are focused on improving the operational efficiencies and
streamlining electronic transactions for providers of healthcare
services. ClaimLogic clients will begin processing credit card
transactions through EPX this fall. EPX is “PCI v1.2” compliant, a VISA
USA “CISP” and a MasterCard “SDP.”