Merchant Warehouse Provides Solution for Major Flaws in PCI Compliance

Merchant Warehouse, a premier provider of merchant accounts and credit card processing solutions for small- and mid-sized businesses, today unveils a solution that greatly reduces the possibility of cardholder data loss in the event of a network security breach. The new product, MerchantWARE, also makes complying with the payment card industry data security standards (PCI DSS) much simpler and more affordable.

As part of the regulations, PCI DSS mandates that sensitive personal data, including credit card numbers, be encrypted when stored or before being transmitted over public networks. Despite this, savvy thieves can, and have, found ways to steal unencrypted card information while transmitted within the store’s internal networks or point-of-sale (POS) hardware — a vulnerability not addressed by the PCI DSS guidelines. An especially susceptible point in the process is when card data is sent from a card reader to the POS or POS to in-store database.

Merchant Warehouse’s MerchantWARE solution encrypts the data at the card reader, completely eliminating this threat. With MerchantWARE, merchants never actually store or transmit any unencrypted credit card information. By taking this one simple step, small- and mid-sized merchants will eliminate the sensitive data that five of the 12 most intensive and costly PCI DSS requirements seek to protect.

“PCI DSS standards are a great starting point, but there is a major flaw in that they fail to address the issue of unencrypted card information on private networks. In fact, recent high-profile data breaches likely could have been avoided had the data been protected at the point of the card swipe,” said Henry Helgeson, President and Co-CEO of Merchant Warehouse. “Instead of building a bigger wall around the data ‘vault’ with expensive hardware and data security systems, the MerchantWARE solution simply removes everything of value to a thief. With no data to be hacked, the PCI compliance process becomes much more streamlined and affordable for the smaller merchant.

The MerchantWARE solution contains two core components:

  • Hardware — For under $100, the solution utilizes the latest MagneSafe™ secure card readers from MagTek® to encrypt card data at the “read head,” to ensure sensitive data is never exposed. The readers meet all current PCI DSS requirements to secure cardholder data via 3DES DUKPT encryption.
  • Software — To ensure a seamless user experience, the solution includes an integrated version of Merchant Warehouse’s MerchantWARE Payment Gateway. The MerchantWARE Payment Gateway enables merchants to process credit cards, debit/EBT cards and manage their account over a secure Internet connection. It also contains extensive reporting features with the capability to re-charge, refund or adjust previously processed cards, all without decrypting sensitive cardholder data.

Integration with the POS system requires only minimal updates; interested POS vendors should contact Merchant Warehouse at 1-800-968-0953 or e-mail us for additional information on how their customers can benefit.

Merchant Warehouse will demonstrate the solution — along with an overview of possible attacks to a PCI Compliant system and how fraudulent credit cards are made — at booth #5270 during the National Restaurant Association Show May 17-20 at McCormick Place in Chicago, IL.

About Merchant Warehouse

Merchant Warehouse was founded in 1998 on the principle that businesses should be able to purchase credit card processing software, POS equipment, and merchant services at a reasonable price. With over 40,000 merchants, Merchant Warehouse now sets the standard for price, innovation, customer service, and integrity. For more information, please visit our website.


Brian Waldman, Vice President of Marketing and Strategy

Merchant Warehouse
800.941.6557 x2050
bwaldman (at) merchantwarehouse (dot) com

Jeff Dillow / Holly Johnson
PAN Communications
merchant (at) pancomm (dot) com