Selecting a card processing company is easy — simply choose one with the right price, bells and whistles, and it’s “up, up and away.” Not so fast. Shouldn’t payment card security and protection be near the top of the list in terms of efficacy?
Sure, there are plenty of credit and debit card processing deals on the global market, but being in denial about the need for the latest safeguards can be devastating if their absence opens the door for fraud or security breach closely followed by bad publicity and lost revenue.
It is illegal to fraudulently obtain goods without payment or extract unauthorized funds during card present or card not present (CNP) transactions.
During card present transactions, both the customer and the card are physically present at the time of the sale.
CNP transactions carry a higher fraud risk and higher processing fees because the card is not physically present at the point of sale. With CNP, the cardholder or merchant must key in the account information manually on a terminal or web page.
With the help of the Transaction Express payment gateway, Constant Processing uses an Address Verification System (AVS) to confirm the identity of the card holder’s address on file with the card’s issuer. The gateway confirms the Credit Card ID (aka CVV2 or CVC) using the three- or four-digit number printed on the back of the card.
Other payment card security measures include tokenization (substituting sensitive data with non-sensitive equivalents), secure hosted payment pages that eliminate the need for storing card data (and send back transaction IDs and authorization codes), and secure pages with branding and custom banners for clients having their own websites.
Data breaches occur when unauthorized individuals access merchant networks and extract sensitive card holder data. Common examples include hacking and skimming; the clandestine placement of malware and spyware; lost or stolen cards, paper records or electronic storage devices; and employee theft.
Basic merchant protection procedures involve firewalls, anti-virus programs, transaction monitoring and the validation of all payment data. Merchants should also comply with Payment Card Industry Data Security Standards (PCI DSS) for the safe storage, transmission and processing of cardholder data.
Payment Card Security Compliance
To provide fraud and breach protection, Constant Processing’s Transaction Express gateway is compliant with Payment Card Industry Data Security Standards (PCI DSS), enabling the safe processing, transmitting and storage of card data.
- A forensic audit whenever a data breach is suspected to confirm status and define system vulnerabilities.
- Fulfilling fines and assessments following an unintended breach of sensitive consumer data.
- Issuer-related expenses such as card replacements costs, credit monitoring and more as long as the owner is not involved in the breach.
Merchant Level Security
Constant Processing is compliant with all regulations and remains current with the latest technologies related to payment card security. It is also important for merchants to engage in security measures at the point of sale with their customers. For example, EMV cards (aka smartcards or chip-and-PIN cards) are a first step in the right direction.
The microprocessors embedded in EMV cards offer a higher level of security than magnetic stripe cards since the chips securely store information and encrypt data. Contact transactions require physical contact with a card reader to exchange data with the terminal while contactless or near-field communication systems (NFC) exchange data with the help of radio frequencies.
NFC transactions are considered to be more secure than those using magnetic stripe credit cards since the latter can be stolen or cloned and used for unauthorized purchases.
Constant Processing is compatible with most digital wallets including Android Pay, Apple Pay and Samsung Pay.
Contact us today to learn how Constant Processing can provide your company with cost-effective solutions and the latest payment card security and protection.