Monday, December 2, 2013
Thursday, October 31, 2013
Tuesday, September 17, 2013
Wednesday, September 11, 2013
Sunday, August 25, 2013
Discover What the First Data® TransArmor® Solution Can Do for You
Discover What the First Data® TransArmor® Solution Can Do for You
A unique combination of two distinct data security techniques - encryption and tokenization. The TransArmor solution offers multilayered protection.
Our security solution offers these industry-leading benefits:
- The most readily available card data security solution in the marketplace – offered on multiple payment solutions to fit merchant’s needs
- Protects customer’s valuable payment card data from the growing threat of payment card thefts
- Encrypts card data as soon as it enters the merchant environment — prior to transmission — and is protected throughout the entire transmission process
- Reduces PCI compliance scope, effort and cost by removing payment card data and replacing with a token
- Allows you to safely store customer data for business processes, customer analytics, recurring payments and more
With the TransArmor solution, payment card data is protected at every transaction stage — in transit, in use and at rest — reducing risk as well as the scope and cost of PCI compliance.
UCommerce Solutions uses First Data's processing engine.
UCommerce Solutions uses First Data's processing engine.
Wednesday, August 21, 2013
EMV for Merchants
It may seem a ways off, but EMV is an important factor that merchants must take into account. From understanding the kind of equipment one can use, to aligning the proper tools to meet security mandates, merchants have a lot on their plate. An overwhelming amount of information is available, but undoubtedly many are still asking a basic question:
What are the next steps you may need to take?
What are the next steps you may need to take?
Many merchants are still left wondering what impact EMV will have on their business. While it depends on the setup of each merchant, you can use the following tips to begin preparing for the conversion to EMV:
- Begin to understand necessary equipment upgrades in an effort to reduce your exposure to fraud and lower your cost of PCI compliance
- Merchants must be able to accept contact and contactless EMV-enabled credit and debit cards no later than the October 1, 2015
- Depending on a your current device, an EMV-capable peripheral (PIN Pad, contactless reader) may be all that is required to be in compliance
- Delaying equipment upgrades could result in equipment shortages and interrupt your PCI compliance, which could result in the loss of revenue
Monday, August 12, 2013
Are you PCI Compliant? It's Mandatory.
Ignite Payments United+ is here to keep you PCI Compliant. Contact kellen@ucommercesolutions.com for details.
Since 2005, there have been more than 1 billion stolen records in over 2,000 separate incidents. In most cases, thieves were seeking payment card data.1 Clearly, it is imperative that businesses do all they can to protect their payment systems from fraud.
If you think your business is too small for thieves to target, think again. Small businesses are now seen as easy targets. A Visa analysis has found that small merchants accounted for more than 80 percent of data security breaches.2 A breach can cost over $200 per compromised record3, and can expose your business to chargebacks, fines from banks or regulators and loss of your customers’ trust.
Are you doing everything you can to protect your business and cardholder data? Let us help you meet PCI compliance standards to protect your business.
If you think your business is too small for thieves to target, think again. Small businesses are now seen as easy targets. A Visa analysis has found that small merchants accounted for more than 80 percent of data security breaches.2 A breach can cost over $200 per compromised record3, and can expose your business to chargebacks, fines from banks or regulators and loss of your customers’ trust.
Are you doing everything you can to protect your business and cardholder data? Let us help you meet PCI compliance standards to protect your business.
What is PCI DSS?
PCI DSS – or the Payment Card Industry Data Security Standard (PCI DSS) – was created by the major credit card companies to prevent fraud. This standard has been around for several years and it works. Between 2005 and 2011, only 4 percent of all breached organizations were PCI compliant at the time of their data breach,1,4 proving that those businesses that take steps to become compliant do prevent fraud.
For a 3-minute introduction to PCI Compliance from a merchant’s point of view, watch this video:
What Happens if I Don’t Become PCI Compliant?
More...The object of becoming compliant with PCI security standards is to help protect sensitive cardholder data from thieves. If your business fails to become PCI compliant, you could be putting your business at greater risk from the growing threat of payment card data breaches and theft, which may result in substantial penalties (such as fines from banks, regulatory agencies, and card organizations), fraud and charge backs, as well as legal costs and lost customers.
Additionally, if you fail to become PCI DSS compliant or to report your PCI DSS-compliant status via a third-party vendor to your merchant services provider, you may also be charged a monthly fee until you do so.
If your business experiences a data security breach, you could even lose your ability to process credit card payments. Perhaps more importantly, you risk the loss of customers. Research shows that 43% of customers who have been victims of fraud stop doing business with the merchant where the fraud occurred.5
How Can I Become PCI Compliant?
You need to work with a vendor that offers PCI compliance services. They will typically take you through two steps:
- A self-assessment questionnaire
- A vulnerability scan
Depending on the complexity of your network, you could be done in less than 30 minutes.
As the processor for your payment card transactions, Ignite Payments offers PCI DSS compliance services through the PCI Rapid Comply solution. PCI Rapid Comply is an easy-to-use online tool that can help you achieve and maintain PCI DSS compliance more quickly and easily.
Of course, you are free to obtain PCI DSS compliance services from other third party vendors. However, using PCI Rapid Comply means that you are working with a solution that is offered by and integrated with your merchant services provider.
To get started with the PCI Rapid Comply solution:
- Visit: www.pcirapidcomply.com
- Or Call: PCI Rapid Comply Help Desk at 1-855-532-4891
What Does PCI Compliance Cost?
The answer to this question depends upon the vendor with whom you work. Make sure to ask about costs up-front.
With the First Data PCI Rapid Comply solution, you incur no new or additional charges. The Compliance Service Fee charged to you includes your annual PCI self-assessment questionnaire (SAQ) and quarterly scans, if needed, which are offered in our PCI Rapid Comply solution.
Merchant Experiences: Cost of Card Data Theft
Did you know that a card data theft can cost your business over $100,000? Below, we’ve included case studies and testimonials from small business owners who have had up to $612,000 in losses from data security breaches that were the result of hacking, malware attacks, and phishing scams. Get PCI compliant now to help protect your business from these losses.
Case Studies
TryMedia (TM Acquisition - TryMedia is a division of RealNetwork.)
Seattle, Washington
January 30, 2012
Seattle, Washington
January 30, 2012
12,456 records compromised
Try Media's ActiveStore application was attacked by intruders who were able to intercept and obtain the credit card information of customers. Credit card numbers, expiration dates, security codes, addresses, email addresses, and passwords to user accounts for transactions that occurred between November 4, 2011 and December 2, 2011 were accessed.
Try Media's ActiveStore application was attacked by intruders who were able to intercept and obtain the credit card information of customers. Credit card numbers, expiration dates, security codes, addresses, email addresses, and passwords to user accounts for transactions that occurred between November 4, 2011 and December 2, 2011 were accessed.
Small Dog Electronics
Watsfeld, Vermont
March 3, 2010
Watsfeld, Vermont
March 3, 2010
Security Breach Method: Hacking
3,000 records compromised
After Small Dog began collecting and matching customer donations for Haiti relief efforts, a hacker breached the website and began stealing customer credit card information. The breach lasted from December 2009 to January of 2010. Three thousand customer records were stolen.
After Small Dog began collecting and matching customer donations for Haiti relief efforts, a hacker breached the website and began stealing customer credit card information. The breach lasted from December 2009 to January of 2010. Three thousand customer records were stolen.
Estimated merchant cost: $612,000
Source: Privacyrights.org
Testimonial
In August 2006, Carla, a small business owner, experienced a data security breach at her restaurant.
“I felt I had been blindsided... I was not aware that could ever happen to me,” she said. “We did end up spending about $120,000 on everything involved, including a forensic investigator, attorneys’ fees... mainly on the fees that we had to pay MasterCard and Visa.”
Carla was shocked to learn that the credit card companies have authority to dole out fines.
Based on a 2010 study, 3 out of 5 small merchants continue to be unaware of their liability in the event of a data breach.6 The study’s respondents didn’t realize the potential ramifications of noncompliance, including potential fines of thousands of dollars and a per-card fee for each card that has to be cancelled.
Get PCI compliant now to help protect your business from these losses.
SOURCES:
1Verizon 2010 Data Breach Investigations Report. March 2012
2 Visa “Drop the Data” Web Site, 2009.
3 Ponemon Institute 2009 US Cost of a Data Breach Study
4 Ponemon Institute 2010 U.S. Cost of a Data Breach. March 2011
5 Javelin Strategy and research. June 2009
6 RSPA Publications Small Merchant Data Security Study by First Data and National Retail Federation 2010
2 Visa “Drop the Data” Web Site, 2009.
3 Ponemon Institute 2009 US Cost of a Data Breach Study
4 Ponemon Institute 2010 U.S. Cost of a Data Breach. March 2011
5 Javelin Strategy and research. June 2009
6 RSPA Publications Small Merchant Data Security Study by First Data and National Retail Federation 2010
Subscribe to:
Posts (Atom)