As a tribute to our ongoing efforts to make credit card transactions as secure as possible for their clients,Paladin Data Corp has been recognized by Worldpay (formerly Vantiv) payment processing for participation in the “Race to 100” competition. Points were awarded to participants for meeting a variety of requirements including:

  • Quality Integrated Reseller (QIR) certification
  • Payment Application Data Security Standard (PA-DSS) certification
  • Creation of events, marketing materials, and webinars promoting increased security solutions to customers.
  • Adding new secure payment processing customers

By reaching the stated goals, Paladin Data received a cash reward of $10,000.00.

Worldpay (formerly Vantiv) sponsored the competition to encourage point of sale solution providers to make customers aware of enhanced payment security options such as: the new EMV chip enabled credit cards with signature authorization, the benefits of End-to-End (E2E) data encryption, and security compliance process simplification. The goal is to reduce the amount of credit card fraud at every step of the approval process and give retailers assurance that their business is protected in the event of a security attack.

Why EMV credit cards anyway?

Transactions using magnetic strips send data in one direction only. After the card’s info is read by the card reader, it is bundled up and sent to the payment processor. There’s no way to know if the data came off a real credit card or counterfeit card. With the EMV card inserted in the card reader, the payment processer can verify the authenticity of the card. Once this two-way communication is complete, the transaction can be processed.

There are three areas where attackers typically try to intercept credit card data:

  • The swipe device
  • The point of sale software at the register or kiosk
  • During the transfer of credit card data to the credit card processor

The swipe device

The new EMV chip enabled cards are far more difficult to duplicate and make it hard for credit thieves to create and use counterfeit cards. EMV cards used along with a second form of user validation (PIN or signature) will help reduce or eliminate fraud at the point of sale.

Point of sale software and data transfer

The EMV cards are a great step forward but they do not protect the card data after the verification process is complete. To be certain the rest of the process is secure, the card data needs to be encrypted immediately after it is read from the card (by swipe or by chip) and remain encrypted at every step along the entire process using End to End (E2E) encryption. Even as the EMV card sits idle in the chip reader, technology, like MToken, will generate a new encryption code every 60 seconds in order to keep the card data safe.

Moving forward

While EMV cards will allow you to use the magnetic stripe on the back of the card to complete a sale, your business will be best protected by processing transactions using the EMV chip. Enhanced security and the dramatic reduction in fraudulent credit card purchases will make this new system well worth the investment. Check with Paladin to find out what your system requires to make this important upgrade.

By George Maginnis