User Tools

Site Tools


developer:security

Security

Attaining and maintaining PA-DSS (Payment Application) and PCI-DSS (Payment Card Industry) compliance is an ongoing concern for many software application providers and their clients. Security is the backbone of our architecture. We utilize leading security methods and best practice to secure credit card transactions that are transmitted, processed and stored within a software application. There is a fundamental difference between Security and PCI Compliance.

Our middleware is PA-DSS approved allowing us to shield POS Partner Applications from PCI scope so our Partners can focus on building their applications.

Fraud Prevention

The Fraud Center allows you to view and change the settings of each transaction source in order to control various security aspects and prevent credit card fraud from occurring in your Merchant account. The merchant can add fraud modules to filter transactions.

The available modules along with instructional videos is available at Fraud Center.

Tokenization

Our tokenization services prevent the unauthorized capture and exposure of cardholder data. This isolates and protects merchants by tokenizing from swipe to processor, eliminating PAN data storage. Tokens are a reference to cardholder data stored within secure Level 1 PCI facility.

The full description and example code are available at Tokenization

PIN and Hash Encryption

To validate transaction authenticity, the merchant can set a pin code for a source. The pin is stored in the merchant's software, or entered manually when the transaction is placed. The pin is not sent to the gateway, but is instead used to create a hash (also known as a fingerprint or message digest) for a transaction.

The description of the process for calculating the hash from the pin, along with example code, is available at Transaction API.

Encrypted Transactions

In order to protect credit card data transmission throughout the entire payment process it is critical to encrypt the the data once the card is swiped. Axia encryption technology ensures the highest level of security during data transmission between the card reader and terminal of your choice.

More information is available at Encrypted Swipe.

End to End Encryption

Axia ePay provides end to end encryption so that transactions are secure from the moment the cardholder swipes the card through to the settlement of the transaction.

The description along with sample code is available at End to End Encryption

developer/security.txt · Last modified: 2014/01/24 23:18 (external edit)