“Security” Posts

Manual Card Processing: Everything You Need to Know

Manual Card Processing: Everything You Need to Know

If you run or work for a business that accepts card-not-present transactions, it’s important to understand the finer points of manual card processing. While it’s easy to simply gloss over these steps, especially when you’re on the phone with a customer and want to provide a fast, positive customer experience, it’s both a security and financial risk to not process manual payments with care. Card-not-present transactions represent the largest percentage of card fraud, and it’s trending up. Fraudulent e-commerce transactions are expected to reach $19 billion in 2018, with card-not-present fraud accounting for 45 percent…

Why Tokenization Is Better Than Point to Point Encryption

Why Tokenization Is Better Than Point to Point Encryption

Whether you’re a developer seeking an integrated payment solution or a business owner searching for a credit card processing partner, the security of cardholder data should be at the top of your checklist. When processing and storing credit card data via a terminal, the payment processing security standard can vary. Below, we compare the two current standards for securing cardholder data: point to point encryption and cloud-based tokenization. Point to Point Encryption vs. Cloud-Based Tokenization Point to point encryption (P2PE) encrypts data from point A, when a card is swiped or dipped in a terminal, until it reaches point…

5 Essential Features of a Payment API

5 Essential Features of a Payment API

If you’re an independent software vendor (ISV) who is evaluating payment APIs, you have much to consider. There might be a number of Payment Gateways seeking integration with your software; or maybe you want to offer your customers several partners to choose from, but you don’t know where to start. It’s important to integrate with the right payment provider because integrations take time to build. You don’t want to invest months of development work into a provider that will harm your customers with unethical billing practices, poor service or outdated technology. A bad experience for your…

What Is Tokenization?

What Is Tokenization?

If you’ve been to an arcade, you’ve likely dealt with tokens. When you enter the arcade, you trade legal tender for tokens, which can be used to play at the arcade but have no value outside the establishment. If you win a game, you earn tickets to cash in on a prize of your choice. But you can’t use the tickets elsewhere, they have no value outside the arcade. That’s essentially what tokenization is (in simplified terms). It’s the process of turning important data into a string of characters (known as a “token”) that has…

What Defines PCI Scope?

What Defines PCI Scope?

Whether you’re a player in the payments space or a business processing credit cards, you’ve heard of Payment Card Industry (PCI) compliance. With the intention to optimize security around credit and debit card transactions and protect cardholder information, all parties involved in facilitating a transaction fall within PCI scope. This includes any system components connected to the cardholder data environment (CDE). Processing credit cards can involve many different components, so PCI scope varies depending on the breadth of an organization's CDE. Because of this, many businesses are unaware of the components they are responsible for and which even…