By TrustCommerce | TrustCommerce - May 15, 2013
In this two-part series, we will talk about two popular payment acceptance paths for e-commerce: Embedded API for Direct Post, commonly referred to as transparent redirect, and hosted payment pages. We will look at how the solutions function and things to consider when selecting your preferred method.
Recently, I went to see the Space Shuttle Endeavour at the California Science Center. It is an impressive piece of history to see firsthand. I could not help but think of how often you hear, “This isn’t rocket science.” This actually was rocket science! The complexity and inner workings of this ship are incomprehensible to most of us, a little intimidating, yet awe-inspiring.
The good news is that setting up a secure e-commerce environment doesn’t have to be rocket science, although it may sound like it. Known in the industry as “transparent redirect” or “Embedded API with Direct Post”, TC Trustee API is an elegant e-commerce payment solution that lets merchants do what they do best—manage the web site, user experience and environment—but leave the payment acceptance and security to the experts.
An embedded feature of the merchant-hosted payment form, the TC Trustee API code posts financial transaction field data from the customer browser straight to the TC secure processing platform. It is easy to set up, requiring a small amount of code and basic programming skills.
Multi-Layered Security
Merchants choose the TC Trustee API to keep sensitive payment data off their systems and servers. Doing this can reduce exposure and liability in the event of a breach and can reduce PCI DSS scope because web applications fully implementing TC Trustee API do not store, process, transmit, or even see the payment card data.
In addition, TC Trustee API uses tokenization as an added layer of protection. A TrustCommerce issued cryptographic token replaces primary account number (PAN).
How TC Trustee API Works
Here are the primary steps in the payment process:
- Merchant web site displays the check-out page.
- TC Trustee API allows the merchant to send code from its web page to the customer’s browser so that when the payment data is entered into designated payment fields, the customer’s browser posts the payment data directly to TC without it ever passing through the merchant web environment.
- TC processes the transaction with the financial institution of the merchant’s choice and returns a response.
- The response includes the authorization and a token in place of the credit card PAN data.
This solution differs from a secure hosted payment page in that the user is not overtly redirected to another web site to enter payment information.
Benefits:
- Easy to set up and maintain
- Reduced PCI scope
- 100% control of the customer experience
Things to consider:
- Merchant designs and hosts the web page presented to the customer
- Only the sensitive payment data is posted directly from the customer to TrustCommerce
- Set up does not require advanced developer skills
Stay tuned! We will talk about hosted payment pages in the second installment of this series.
By TrustCommerce | TrustCommerce - June 29, 2012
U.S. Senators are again looking at crafting a law that creates a national standard for reporting data breaches. Referred to as the Data Security and Breach Notification Act of 2012 (S.3333), the draft bill would require businesses and government agencies to “take reasonable measures to protect and secure data in electronic form containing personal information.” The Federal Trade Commission would enforce the legislation, and fines for violating the law could reach up to $500,000 per incident.
There are currently 40 different state laws in place. This bill would override any existing state data breach legislation. Implementing a single law could simplify compliance and make for a more consistent notification process in the event of a breach.
Read More >
By TrustCommerce | TrustCommerce - February 03, 2012
TrustCommerce and E-Commerce Developers are a perfect match. We speak the same language, can finish each other’s sentences, and are just a phone call away. Our relationship is effortless because:
TrustCommerce payment solutions are developer friendly! Our solutions are designed for easy set up and flexibility—integrating into any solution. We accomplish this using open-source technology and our 19+ APIs. Once integrated with the TrustCommerce payment system, you can implement the solution to any number of merchants.
Read More >
By TrustCommerce | TrustCommerce - January 25, 2012
Zappos, online shoe and clothing retailer, is the latest merchant to succumb to a data breach. More than 24 million customer accounts were compromised, which may have included customer names, e-mail addresses, addresses, phone numbers, the last four digits of credit card numbers and “cryptically scrambled” passwords. Zappos encrypts payment card data and said no credit or debit card information was accessed.
The recent Zappos breach has us all thinking about trust. We start to think about all the online sites in which we’ve placed our trust—accounts we’ve opened, where we’ve shopped and social networking sites where we disclose our lives, to name just a few. Many of us can’t remember them all; let alone the email or password we used. As we go about our daily lives, we repeatedly take leaps of faith. For convenience and opportunity, trust seems to be the only choice. However, there are some practical ways you can protect yourself. Read More >
By TrustCommerce | TrustCommerce - January 20, 2012
Wouldn’t it be nice if payment processing came with a textbook for beginners? Unfortunately, many times merchants are on their own to master key terms and skillfully implement best practices that help manage costs. One of the biggest challenges can be understanding the interchanges rates set by the card networks and other fees incurred in order to accept credit card and other payments.
Read More >
By TrustCommerce | TrustCommerce - September 16, 2011
It is no secret that debit cards are a popular method for paying for goods and services. Customers use their bank ATM cards and check cards to pay for everything from a pack of gum at a gas station to monthly utility bills.
Debit card payments may soon take over credit card transactions! There were 507 million total debit cards in circulation in U.S. at the end of 2009. Debit payment transactions rose 17.1% to 6.38 billion, according to Visa and MasterCard.
Read More >
By TrustCommerce | TrustCommerce - December 07, 2010
We love the TC Payment Portal and so do our customers. It is a versatile product that makes it easy, affordable and convenient for merchants of any size to offer online payment options to their customers. Allowing integration support for customer bill presentment, users can securely log into a website and have immediate access to their account information.
Read More >
By TrustCommerce | TrustCommerce - November 04, 2010
At the NACHA Mega Meeting, September 29-30, we listened to an esteemed trio of panelists, American Red Cross, Faith Direct, and Star of Hope; discuss payments and the non-profit sector. During an economic period where overall charitable contributions are down, payment simplification is paramount for non-profits. Americans gave more than $307 billion in charitable donations despite the economic conditions in 2009. However, total giving, when adjusted for inflation, was down 3.6 percent. This was the steepest decline since the Giving USA annual reports began in 1956.
Read More >
