Make Payment Security a Daily Priority

Merchant who store, process or transmit cardholder data, must be compliant with the PCI Data Security Standard. More often than not, PCI DSS Compliance is a starting point for protecting payments, not an achievement that can be crossed off a check list.

Headlines remind us of the ongoing risk of data compromise. A franchising company is the latest example. According to the company’s press release, an internal forensic investigation, launched after fraudulent activity was found on several payment cards that had been used at the company’s locations, identified suspicious files, including malware, on the licensees’ computer systems at 108 locations in 10 states. The franchising company is concerned that the suspicious files could indicate that an attacker(s) may have accessed data, including credit and debit card information. It is yet to be determined whether credit or debit card data was exposed.

To help you better understand how TrustCommerce’s security products could have helped prevent this “malware” attack, here are some key points.

TrustCommerce Advances Payment Solutions

What’s New at TrustCommerce? A Lot!

It is midway through what is shaping up to be another big year for Trust. As always, we are focused on advancing our TC SMART Products, specifically in the area of E2E/P2P encryption and tokenization. It’s fun to pioneer new innovative offerings, better to improve upon those innovations, and even more rewarding to offer the best in the industry.

You already know we’ve completed our migration to the new TC Vault! Throughout this transition, we’ve implemented many functional improvements. This new interface provides a foundation for rapid customization and enhancement. Built and designed from a customer-centric perspective, it maintains this core value from login to log-out. From the outpouring of positive responses we’ve received, we are thrilled our merchants love the new TC Vault as much as we do.

Charitable Giving Goes Mobile with PayWithIt

PayWithIt is the TrustCommerce secure mobile payment solution that works with mobile digital devices in conjunction with your TrustCommerce payment gateway account. Businesses, both large and small, can securely and wirelessly capture payments via manual entry or an optional encrypted card swipe without incurring additional mobile transaction fees.
PayWithIt is a natural fit for a variety of environments, most notably, the non-profit sector. Charitable giving is often in response to an immediate need, such as a natural disaster or other crisis. Accepting payments with a mobile device, gives charities the flexibility to respond quickly to help those in need.

Tokenization, E2EE, and Other Secure Payment Solutions

How can merchants address the threat of a payment data compromise?

Credit and debit cards have rapidly become the preferred payment method across the globe. We all swipe our credit cards at the check-out counter and enter our credit card numbers into e-commerce websites, usually with little thought to where the data ends up. But there are people waiting on the other end of that transaction ready to capture payment data and use it fraudulently.

Network intrusions and data compromises continue to plague the payment card industry. At the 2012 RSA Annual Security Convention, RSAʼs Executive Chairman, Arthur Coviello, told the audience, “Our networks will be penetrated. We should no longer be surprised by this.” His statement came within months of the disclosure that RSA, one of the worldʼs largest and most respected security companies, had been breached and the code to SecureID, their two-factor authentication solution, stolen. Mr. Coviello then told the attendees, “The reality today is that we are in a race with our adversaries and right now, more often than not, they are winning.”

PCI Compliance Game Plan for Insurance Companies

The insurance industry faces tremendous challenges when it comes to protecting customer data. Due to the nature of the business, a vast amount of sensitive information is collected about each customer. New stringent regulations demand that the data is kept secure, with steep penalties for non-compliance. Meanwhile, large databases of sensitive data are enticing targets for increasingly savvy hackers who can use that information for identity theft, fraudulent payments, and more. The consequences of a security breach are numerous and often devastating: lost customers, damaged brand and reputation, government fines, the cost of revising the information technology infrastructure, and a public relations crisis. How do you run a successful, PCI compliant insurance company without becoming a data security expert as well?

Prevent Data Thieves from Stealing Payment Data

As 2012 approaches, and companies continue to pursue compliance with the PCI DSS, the threat of data theft still looms large for merchants. On December 12, 2011, CNN, and other news organizations, ran a story announcing that US authorities arrested four Romanian Nationals in connection with a data theft scheme that had been active since 2008. The four individuals would hack into Point of Sale (POS) systems and install Trojans and key-stroke loggers to capture payment card data. This data was then used to make fraudulent purchases, primarily in Europe. 150 Subway restaurants, as well as over 50 other retailers, were victimized and an estimated 80,000 cards were compromised.

5 Tips to Reduce Holiday Shopping Fraud

As consumers, it is easy to get caught up in the excitement of the holiday season and drop our guard when it comes to safe shopping. The increasing balances on credit cards often result in people not checking their statements until after the holiday season.  In a rush to make purchases, caution may take a back seat to convenience and the prevalence of goodwill may convince some shoppers that criminals wouldn’t take advantage of the holiday season. Unfortunately, the holiday season is when criminals are often most active.

Secure Payment Acceptance in a Dynamic Environment

Life was simpler way back when. Some of you may remember when televisions only had three channels. A pencil or typewriter was your primary means of written communication. When you made a purchase or paid a bill, you mailed a check or paid cash at the register. Choices were limited, but simplicity appeared to make everything a little more manageable.

Innovations have lead to more choices and greater convenience—especially in our payments world. Think of all the ways consumers pay today: cash, check, credit cards, ACH/e-check, debit cards, gift cards, etc. Merchants also have a multitude of ways to accept payments: POS, online, automated recurring billing, SMS, mail order/telephone order, kiosks, integrated voice recognition (IVR), mobile devices—you name it.

PCI Compliance for Small Merchants

Small businesses are the heart and soul of the U.S. economy. From local mom and pop shops to innovative web start ups, we rely on these merchants daily for goods and services. In the payments world, small businesses are referred to as Level 4 merchants, those processing less than 20,000 e-commerce transactions annually and up to 1 million transactions annually. There are more than 6 million Level 4 merchants in the U.S.

PCI compliance is a vital component of merchants overall, ongoing security program. However, Level 4 merchants have not always been well educated or encouraged by their acquiring bank to become compliant.