The Problem
In today's market, it's expected for a merchant to accept electronic payments. And so merchants have invested in costly systems, shouldering the risk and expense of handling, processing and storing cardholder data. Yet merchants face tremendous pressure to further secure this sensitive information. With data breaches on the rise, the Payment Card Industry Security Standards Council (PCI SSC) has tightend compliance requirements. So as a result, merchants feel forced to invest even more in costly solutions that may still leave their systems vulnerable.
The total cost of a data breach grew to $204 per record compromised.1
The Answer
Data Intercept Solutions for XiSecure On-Demand ensure that sensitive cardholder data never enters enterprise payment acceptance systems – SAP, ERP, CRM, legacy applications, Web stores. How does it work? Sensitive information is intercepted and tokenized at the the time of sale. This secure token then routes to the merchant for authorization and settlement. Raw data never enters the merchant system. Data Intercept Solutions offer the ultimate breach protection, while dramatically reducing the cost and effort to achieve PCI compliance.
With Paymetric's Data Intercept Solutions, merchants may save significantly by reducing PCI audit requirements from 205 to as low as 14.2
Benefits
- Prevents sensitive cardholder data from entering merchants' enterprise payment acceptance systems
- Substitutes credit card numbers with "tokens," rendering the data useless to thieves
- Eliminates fees, fines and legal costs associated with a data breach
- Reduces scope and cost of achieving and maintaining PCI compliance
- May2 qualify merchants for Self Assessment Questionnaire A (SAQ-A), reducing the number of compliance requirements from 205 to 14.
Solution Options
Data Intercept for eCommerce
When a cardholder enters sensitive information through a merchant's Web store, the raw data is transparently intercepted from the cardholder's browser window. A token is generated and routed to the merchant's server for authorization and settlement. The process completes in seconds, entirely transparent to the cardholder. The merchant never transmits, processes or stores the raw data, but instead only stores the token.
.jpg){kind=small}
How it works: Data Intercept for eCommerce Diagram
Data Intercept Standalone
When taking a payment, a merchant accesses the Data Intercept Solution via a web browser that instantly generates a token for the cardholder's data. This token flows through the enterprise payment acceptance system for authroization and settlement. The merchant never transmits, processes or stores the RAW data, but instead stores only the token.
.jpg){kind=small}
How it works: Data Intercept Standalone for SAP
Understanding PCI Compliance
| Understanding PCI | PCI DSS Standards |
| Reducing Cost and Scope of PCI | PCI Compliance & Security Statement |
Learn More
|
|
Data Intercept Solutions Overview | XiSecure On-Demand Overview |
 |
XiSecure On-Demand Solution Overview | XiSecure On-Demand Features |
| XiSecure On-Demand Benefits |
12008 Annual Study: Cost of a Data Breach, Ponemon Institute
2Consult your acquirer or QSA to confirm whether Paymetric's Data Intercept Solutions will qualify you for PCI SAQ-A.
Paymetric Corporate Brochure
Secure ERP Payment Acceptance Solutions
An Introduction to On-Demand Electronic Payment Processing
A Receivables Management Solution Option
Outsourcing Payment Security
How outsourcing security technology is changing the face of electronic payment acceptance practices.
Pioneer Electronics
How Paymetric helped Pioneer Electronics maximize security, minimize risk and reduce SAP downtime to maintain compliance