In a traditional credit card transaction, the merchant is first in line to take the customer’s sensitive cardholder data – the merchant also typically stores the data creating a huge liability should a breach ever occur. The cardholder data then moves from the merchant into the payment process and, finally, a receipt is issued to the customer.
Reduce Your Liability
With BuyerWall™, all merchant liability associated with the risk of processing, transmitting and storing sensitive cardholder data is eliminated. The sensitive data never enters the merchant’s system and is never stored by the merchant.
BuyerWall™ puts a wall between cardholder data and the merchant by separating the card number from the sales information and processing the transaction independently of the merchant or other vendors. EPX is able to do this because it controls both the front end and the back end of the transaction process.
Just a Pile of BRICs
For each transaction, BuyerWall™ issues a BRIC (BuyerWall™ Recognized Identification Code) token (or GUID) to the merchant, which is meaningless to would-be thieves. The BRIC allows the merchant to maintain total control of the customer experience and realize all of the capabilities that previously required the storage of cardholder data including refunds, recurring or return transactions and historical review.
Decreased Merchant Risk
Using a processing system that eliminates cardholder information and its associated liability directly results in dramatically reduced merchant risk, liability and exposure. Merchant PCI compliance is aimed at preventing the likelihood of a breach. The elimination of sensitive cardholder information is aimed at removing the primary target of a breach attempt.
Instead of storing cardholder data, the merchant stores undeciperable BRICS (tokens or GUIDs) that enable them to complete subsequent transactions, yet have no meaning or value to thieves. Simply put, you can’t lose what you never had.
Another way that EPX helps decrease merchant risk is by eliminating many extra points of vulnerability from the typical payment chain. Typical bank card processing involves a patchwork of different systems and services: an independent sales organization connected to a third-party front-end gateway. The gateway sends the transactions into a merchant bank system. The merchant bank sends the merchant’s vulnerable card data to a third-party processor, who finally sends the information to the card association for settlement. EPX eliminates multiple parties handling merchant transactions, and therefore reduces the potential points of failure. This distinguishes EPX from other “processors” and decreases the merchant’s risk exposure, enhances data security, lowers costs and eliminates multiple contacts who may deny responsibility.
How Credit Card Number Tokenization can Reduce PCI Compliance Stress ... and Data Protections Costs
View the eye-opening presentation from EPX COO and Chief Security Officer Matt Ornce that discusses the key criteria to be considered when evaluating cardholder data replacement solutions as an alternative to full encryption.
Click here to download Matt Ornce's slide presentation only (no audio).
Section 1 - July 22 Webinar Presentation by Matt Ornce, CSO, EPX
Section 2 - July 22 Webinar Presentation by Matt Ornce, CSO, EPX
Section 3 - July 22 Webinar Presentation by Matt Ornce, CSO, EPX
