Skip navigation
All Places > In the News > Blog > 2017 > February > 03

In the News

February 3, 2017 Previous day Next day

While integrated payments solutions offer many obvious benefits, payment processing remains a confusing topic, for several reasons. Payment processors offer solutions that address different pieces of the payments pie, and integrate with different software solutions and services. Over the past couple of years, the point-of-sale (POS) environment used at a merchant location has seen a significant transformation. Key elements accelerating this change can be attributed to PCI security, EMV chip cards, software deployment and the consumer experience. Creating a product to incorporate all of these elements can be difficult and choosing a partner that meets your target market needs for today and into the future requires a unique integration suite designed with your goals in mind.

 

Your delivery matters

With growing advancements in cloud-based technology, Software-as-a-Service (SaaS) deployment is emerging as a best practice for companies looking for the most functionality at the lowest total cost of ownership. Even businesses currently using distributed solutions are realizing that the SaaS delivery model holds promise for lowering operating costs and reducing service maintenance stress.

 

Understanding that each POS is unique, Vantiv delivers two cloud processing, semi-integrated solutions to fit the various needs of our partners. triPOS Cloud encompasses a quick pairing process to an EMV capable PIN pad and the cloud service. TranCloud uses a pre-configured device to communicate with multiple PIN pads via the merchant’s IP Address and COM port. Like most cloud solutions, merchants can be processing in minutes, but an additional advantage of our semi-integrated solutions is that they do not require complex networking.

 

In the past, software developers rarely had to concern themselves with updating PIN pad software. However, with the introduction of EMV, updates are now necessary to ensure functionality and security. Each of our cloud solutions offer remote services to update PIN pads, simplifying the ongoing maintenance of hardware that brings little value to your solution.

 

Semi-integrated is the primer for options

Compliance is most often considered an operational burden that siphons valuable time, expertise and capital. Additionally, newer security and risk services like point-to-point encryption (P2PE) and EMV require the use of a PCI-PTS certified Secure Cryptographic Device (SCD) that must also be integrated. One of the better ways to reduce the onus of PCI and EMV compliance is by utilizing a semi-integrated (SI) POS.

 

There are many perks for both merchants and developers choosing the path of an SI solution. With an SI solution, the responsibility of integrating to device hardware shifts to the service provider. Our EMV integration suites support 15 PIN pads with multiple connection options (IP, Wireless, Bluetooth, USB, and Serial). Moreover, when choosing a solution, developers can implement hardware to meet the various merchant preferences or markets served. Vantiv Integrated Payments supports almost every merchant vertical, and our hardware enriches a variety of use cases. For instance, wireless PIN pads for pay@table or in-aisle. Or high-end PIN pads for jewelry stores or the medical field for custom screen displays for documents. As new devices become certified, the SI solution makes it easy to upgrade your arsenal.

 

Your merchants are processing in a new era– one filled with new possibilities and enabled by a generation of new devices. The new device era (digital wallets, mobile payments, tablet POS, and more) has created a complex ecosystem for merchants and their partners to navigate. That is why it is necessary to have SI offerings that support multiple form factors including Windows, Linux, iOS and browser-based solutions. Vantiv works hard to find the right combination of solutions and services to enable our partners and customers to stay relevant and win together.

 

Improve customer experience and profit

Many merchants are using an out-of-date POS system, or not using one at all. Some retail segments lag behind in POS adoption more than others. As customers expect consistency across all channels, from brick-and-mortar locations to websites, mail order catalogs, mobile apps, emails and text messages, many merchants struggle with how to do it all effectively. Only a third of retailers have streamlined even the basics of cross-channel commerce such as online ordering for store pickup.

 

Customer experience is a core value of Vantiv’s products and solutions. Because we offer support for so many different industries and payment technologies, we are a good platform for developers who need to build OmniCommerce applications. Some examples illustrating OmniCommerce use cases are provided below.

 

  • Securing your application with P2PE and tokenization
  • Multiple transactions, one receipt
  • Buy online, pick up in the store
  • Implementing recurring billing to maximize sales and efficiency
  • Mobility – in-app purchases with Apple Pay
  • Adding EMV to your payment application

 

While industry leaders and solution providers are only now doing work to improve the costumer experience, Vantiv architected an integration suite with optimizations in place. Our experiences in payments around the globe enhances our awareness to anticipate what’s next.

 

Learn more about our two cloud solutions Datacap Systems TranCloud Overview and triPOS Cloud Overview

Security and risk professionals are continuously hit with the tsunami of new vulnerabilities, and there aren’t any signs of breach activity slowing down. According to the Verizon 2015 Data Breach Investigations Report, nearly 43 million security incidents occurred in 2014.[1] And it’s no surprise that the vast majority of these breaches occurred against small to mid-sized companies.

 

A variety of tools are available to boost your point of sale credit card security. Consider the following steps:

  • Upgrade credit card POS swipers to accept EMV chip cards.
  • Upgrade all point of entry hardware to use point-to-point (P2P) encryption.
  • Consider tokenization technology to encrypt credit card information.
  • Consider partnering with a processer that offers bundled PCI compliance assistance programs, such as Vantiv's OmniShield Assure, to safely accept payments and dramatically reduce your fraud liability.

 

A smart card is a smart choice

The dramatic increase in counterfeit card fraud was what originally motivated the global payments industry to move to chip technology (smart cards). Contrary to magnetic stripe cards, EMV chip cards are designed to store sensitive data (such as PINs or keys) securely, and have the ability to manage risk and perform cryptographic computations dynamically. One of the key elements of EMV is the ability to authenticate a card to be sure that it is not a clone or counterfeit of the original card. As a result, any data that is stolen is significantly devalued and cannot be used to create counterfeit magnetic stripe cards.

 

Vantiv offers a set of integration methods and services that help developers extend their payment application to support EMV chip card acceptance. Developers can choose the integration approach that best fits their requirements based on the type of business, target markets, security requirements, and preferred form factor (Cloud, PC or mobile).

 

Stop theft at the door

In a P2P encryption solution, the cardholder data is encrypted at the point of entry and decrypted only at the intended recipient end. Vantiv’s P2P encryption solution helps protect data in transit by encrypting and transmitting cardholder data securely over any network. By leveraging Vantiv’s PCI-validated P2PE solution and our PCI PTS SRED certified hardware, payment applications are removed from PA-DSS compliance and merchants can qualify for reduced PCI-DSS scope

 

Although P2PE isn't the only tool that helps protect sensitive payment data from theft, many experts rank it highly. When polled about security strategies, financial executives believe P2PE will have the highest impact on data security and reducing fraud.

 

Rest easy knowing card data is safe

The use of tokenization in payments is to remove account data from the merchant’s card data environment and replace it with something that is useless outside of the environment in which the token was created. Tokenization can reduce the scope of your systems that fall under PCI DSS compliance requirements, thereby reducing the costs and man hours associated with the validation process. With Vantiv’s tokenization solution, customers can confidently focus on growing their business, while knowing that sensitive cardholder data is protected.

 

Shield your merchants from the elements

When developers bundle their POS application with Vantiv’s EMV acceptance, P2P encryption and tokenization solutions, merchants also gain access to PCI Assist and Breach Assist to help protect against the constant vulnerability threats data breaches present. OmniShield Assure delivers the tools merchants need to comply with new card network regulations, as well as protection from the four major threat factors facing their business: card data security; fraud protection; PCI compliance; and risk, including data breaches.

 

Major breaches do happen and have been costly for several organizations. Merchants are responsible for their own security in the PCI DSS ecosystem. It can be complex, and many merchants do not fully understand the inner workings of the standard, how it applies to them, and how to ensure their technology partners are properly securing their data.

 

As a POS developer for applications that accept payment cards, you must be prepared for a breach to occur and partnering with Vantiv can help reduce the responsibility for handling card data securely. There is no silver bullet to stopping data breaches, but by taking a comprehensive approach to credit card security you can significantly reduce your and your merchants’ vulnerability to internal and external threats.

 

 

 

 


[1] Verizon 2014 PCI Compliance Report,” Verizon, http://www.verizonenterprise.com/resources/reports/rp_pci-report-2014-executive-summary_en_xg.pdf