Markiyan Malko - Director of Research and Development

The compliance standards for the Payment Card Industry Data Security Standard, or PCI DSS, are a set of rules that any merchant, bank, financial institution or any other entity that transmits, processes or stores sensitive cardholder data must follow. PCI DSS compliance standards apply to all debit and credit card transactions, including point-of-sale transactions and eCommerce transactions. Prepaid cards bearing the logo of one of the major credit card brands are also considered payment cards. Any business or individual who wants to accept payment cards must comply with PCI security standards, regardless of how few transactions are processed.  The Payment Card Industry Standards Council is the organization responsible for defining PCI DSS. The council is not an agency of the...

READ FULL ARTICLE

An interesting email came across my desk this morning from one of our good partners that is being targeted by a company called PayJunction. It is always interesting to read an email from a competitor of ours that is misinformed about PCI and PA-DSS or elects to mislead customers. Lets start with: "I understand you currently integrate with Merchant Warehouse, however, we can offer something they can not. We have a solution that will allow you to retain integrated credit card processing... while totally taking you out of the scope of PCI." Couple issues with this statement. First, Merchant Warehouse has had this type of solution for two years, it's called MerchantWARE Transport. Not only did we have it first, we have three different options to accommodate our partners whether they are...

READ FULL ARTICLE

When you want to look up a restaurant or dry cleaner in your area most people just “Google” it. Well, if all goes according to what we’re hearing, you may be able to pay for your dinner and freshly pressed trousers by just “Googling” them as well. Google announced Google Wallet yesterday with great fanfare.  The Google Wallet will use the Android smartphones that have NFC technology built in.  This new ‘wallet’ will let customers store multiple payment and gift cards as well as participate in Google Offers, which will drive targeted coupons and ads to customers based on their transaction history. Both New York and San Francisco will trial the Google Wallet this summer with more cities slated to follow and an anticipated launch date of September 1 later this year. We think...

READ FULL ARTICLE

“And the ISIS trial city for mobile payments is awarded to (drum roll, please)….Salt Lake City.”This isn’t the first time Salt Lake City has been the centerpiece of extravagant proportions. The 2002 Winter Olympics were held there nine years ago (that was a Yogi Berra-ism, for anyone playing along).This time around, however, the city will be more heavily scrutinized, as ISIS, a joint venture of three U.S. wireless carriers, has chosen it to test mobile wallet technology. This technology, if successful, could become the de facto way consumers pay for everything from their morning joe to their high-def television.Simply put, in the future you will have a chip in your smartphone that when waved in front of a reader will allow you to pay for merchandise.How simple is...

READ FULL ARTICLE

Recently I attended the Alternative Payment Systems Innovations Summit in hopes of finding what the next big thing in payments was and came away with more questions than answers. Heading into the summit, all I heard for the past couple months was about NFC and how it will absolutely revolutionize the payments landscape and, not surprisingly, it was talked about a good amount.Although there was some positive talk about NFC (mainly by solution providers who have NFC solutions), the rest of the exhibitors and attendees were lukewarm on the concept. Mainly, the big box retailers like Wal-Mart, 7-Eleven and Macy’s were all very reserved on NFC if it’s main value and function is payments. Contrary to popular belief, swiping a credit card on a terminal is really not that...

READ FULL ARTICLE

We are proud to announce a new product offering today that helps merchants and POS developers who utilize mobile solutions become PCI compliant and avoid PA-DSS headaches.TransPort.Mobile is a hosted payment page specifically designed for mobile displays that offloads the card processing functionality from mobile applications and Websites and keeps them out of scope for PA-DSS.There is a huge need for a security solution for mobile applications as at this time the PCI SSC is refusing to PA-DSS validate mobile applications due to security concerns. You can read their official position on mobile solutions here.Who needs TransPort.Mobile?Mobile application developers that need to accept credit card payments in their application.POS developers that need to extend the functionality of...

READ FULL ARTICLE

Although PCI has been around for a few years now many merchants still are not familiar enough with it and are intimidated by the validation process. It's important to remember that there are companies and service providers out there that can help with the process for a minimal fee which is much lower than any fines and fees that the merchant would be responsible for if they were breached. Validation and ongoing compliance are important business requirements and expenses for any successful business that accepts credit card payments.For all those not familiar with the PCI DSS and as a refresher for those that are, here are the top ten myths taken from the official PCI SSC site.Myth 1 – One vendor and product will make us compliantMany vendors offer an array of software and services for...

READ FULL ARTICLE