The PCI Security Standards Council (PCI SSC), a global, open industry standards body providing management of the Payment Card Industry Data Security Standard (PCI DSS), PIN Transaction Security (PTS) requirements and the Payment Application Data Security Standard (PA-DSS), today provides clarity around what type of payment applications are eligible for PA-DSS validation and listing, including an update on the applicability of PA-DSS to mobile payment acceptance applications. A report from the company lists the types of mobile applications now measured by the security standards, and which applications require additional review. [Read more…]
Merchant Warehouse Credit Card Processing Adds Mobile and Web Services
Merchant Warehouse, a provider of merchant accounts and credit card processing solutions, now has mobile and web versions of MerchantWARE TransPort. Both TransPort.Mobile and TransPort.Web offer enhanced functionality and enhanced security features. TransPort is a hosted payment solution which eliminates the need for a PA-DSS audit for point-of-sale (POS) systems, shopping carts, websites and mobile payments. The PA-DSS audit is eliminated by delegating all of the sensitive portions of payment processing to TransPort.
TransPort enables POS developers to remove the card processing function entirely from their software while retaining full functionality through a “transaction portal” and tokenization. This is especially important for mobile payment solutions since the PCI Council has officially opted to not certify mobile applications in the near future. With TransPort.Mobile, mobile payments are secure and meet all the PA-DSS requirements. Anyone using TransPort.Mobile for mobile payments can be confident that their card data is secure.
According to Inc. magazine, global e-commerce spending is expected to grow 90 percent by 2014, and e-commerce spending in the United States is expected to reach nearly $203 billion. As consumers embrace online and mobile shopping experiences in the coming years, merchants will need to provide convenient, secure purchasing options for their customers. The challenge for many e-commerce websites is maintaining PCI compliant solutions, often because many POS providers use open source software architecture. Because open source software isn’t owned by one particular organization, no one is expected to pay for that architecture to go through a PA-DSS audit. As a result, many merchants are not in compliance with PCI DSS mandates and are at risk of a breach.
TransPort.Web off-loads the card processing to a PCI DSS certified server. By removing the POS software or shopping cart out of PA-DSS scope, TransPort.Web allows the merchant to operate their online store within PCI DSS regulations without incurring any additional costs. According to the company, it’s one of the most effective and efficient ways to achieve and maintain compliance and secure card holder data for e-commerce merchants.
“During this past holiday shopping period, consumers spent $30 billion, both over the Web and through their mobile devices,” said Henry Helgeson, co-CEO of Merchant Warehouse. “As consumers gravitate toward mobile payments and e-commerce shopping, the need for a secure and certified online payment solution becomes more obvious. We are excited that the new functionality in the MerchantWARE TransPort platform addresses this need today. Not only do developers have a secure, feature-rich payment platform that protects card data, it is also customizable so their merchants can extend their brand right to their client. We think TransPort.Web and TransPort.Mobile are great additions to our hosted payment solution.”
The TransPort platform, including TransPort.Web and TransPort.Mobile, offer numerous industry-leading security benefits including encrypted PIN debit, tokenization and end-to-end encryption. Additional fraud detection is available through the MagnePrint card recognition service and merchants and developers can further brand their solutions using customizable layout and color scheme options.
“Our business is unique because we process transactions in our store as well as on our website so we were looking for a solution that would satisfy all of our needs while helping secure our credit card processing,” said Roman Malko, owner of Bosmix.com. “By using TransPort.Web we were able to secure our in-store POS software as well as allow our customers to pay their invoices securely on our website. The customer card data is secure and our PCI compliance process is much less time consuming than before. I was really sold on the advanced security features like end-to-end encryption and tokenization. These don’t intrude on the customer experience and it gives me peace of mind that we are doing our due diligence to secure our customer card data.”
Source: BusinessWire