Credit Card Encryption

Credit card encryption is very important in online security. If you accept credit cards, you should understand what credit card encryption is. Keep reading this credit card encryption review for more info.

Encryption is a way of concealing data so that only the intended recipient has access to it. Credit card encryption should be an integral part of every credit card transaction. This article tells you more.

The Standards for Data Security

The PCI Security Standards Council sets the standards for the secure treatment of cardholder information. To this end, it has created standards for data security, called the Data Security Standard (DSS). These standards are intended for merchants who handle customers' account data, including credit card information. They mandate that cardholder data be protected by encryption, and they define which elements of cardholder data may be stored, which may not be stored, and which require encryption.

The element identified as requiring encryption is the Primary Account Number (PAN) of the credit card. The cardholder name, service code, and expiration date only require encryption under PCI DSS if they are stored in connection with the PAN. If the PAN is not stored or transmitted, then the encryption rules do not apply to any of these items of cardholder data. Other items are not permitted to be stored: full magnetic stripe (magstripe) data; the card validation code, referred to as CAV2, CVC2, CVV2, or CID; and the PIN entered as validation by the customer or the PIN block that appears in the transaction message.
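The storage rules described above can be enforced as a check that runs before a record is written. This is an added example, not part of the original article; the field names and the `check_record` and `strip_prohibited` helpers are hypothetical.

```python
"""Pre-storage check for cardholder data fields (added example; field names are hypothetical)."""

PAN = "pan"
# These only require encryption when stored together with the PAN.
ENCRYPT_IF_WITH_PAN = {"cardholder_name", "service_code", "expiration_date"}
# Never permitted in storage: full magstripe data, CAV2/CVC2/CVV2/CID, PIN or PIN block.
NEVER_STORE = {"track_data", "card_validation_code", "pin", "pin_block"}


def check_record(record, encrypted_fields=()):
    """Return (field, problem) pairs for a record about to be written to storage.

    record: dict of field name -> value
    encrypted_fields: names of fields whose values are already ciphertext
    """
    present = {name for name, value in record.items() if value not in (None, "")}
    problems = [(name, "must not be stored") for name in sorted(present & NEVER_STORE)]
    if PAN in present:
        # With a PAN in the record, the PAN and its companion fields need encryption.
        needs_encryption = present & (ENCRYPT_IF_WITH_PAN | {PAN})
        for name in sorted(needs_encryption - set(encrypted_fields)):
            problems.append((name, "must be encrypted"))
    return problems


def strip_prohibited(record):
    """Return a copy of the record with the never-store fields removed."""
    return {k: v for k, v in record.items() if k not in NEVER_STORE}


if __name__ == "__main__":
    # Constructed sample record; the PAN value stands in for ciphertext.
    order = {
        "pan": "<ciphertext>",
        "cardholder_name": "A. Example",
        "expiration_date": "12/30",
        "card_validation_code": "123",
    }
    for field, problem in check_record(order, encrypted_fields={"pan"}):
        print(f"{field}: {problem}")
    # After stripping the validation code, only the encryption findings remain.
    print(check_record(strip_prohibited(order), encrypted_fields={"pan"}))
```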

In addition, there are also standards for encrypting a Wireless Local Area Network (WLAN) on which cardholder information is stored. As of June 30, 2010, the WEP (Wired Equivalent Privacy) standard cannot be used in a Cardholder Data Environment (CDE). Encryption must be carried out with WPA and/or WPA2 (WiFi Protected Access; WiFi Protected Access version 2) security, which uses AES (Advanced Encryption Standard) encryption, a newer and more secure encryption standard than WEP, which uses DES (Data Encryption Standard), an earlier type of encryption.

If PANs are being stored, the relevant requirements are number 3, which has to do with protecting cardholder data, and number 4, which is about encryption. To make sure you’re in compliance, you should get your own copy of the PCI DSS here: www.pcisecuritystandards.org/security_standards/pci_dss_download.html.

Compliance with PCI DSS can be assessed by a Qualified Security Assessor (QSA) or completed internally with a Self-Assessment Questionnaire (SAQ). Compliance enforcement is carried out by the acquirer for Visa and MasterCard, and by American Express itself for companies that handle Amex transactions. The current cycle for implementing version 1.2 of the standards began in October 2008 and, due to a June 2010 change in policy, it will last until October 2011.

Ways to Approach Credit Card Encryption

There are several ways that an online merchant can decide to deal with credit card security and encryption. One is to directly process customers’ credit cards and follow the PCI DSS guidelines oneself. If this is the approach you decide to take, get in touch with your webhosting service to find out what measures they have in place. If you have not yet settled on a webhosting service, research webhosts’ approaches to credit card security before signing up.

You can also deal with credit card encryption by leaving it to others. For example, the PayPal service Website Payments Standard allows your customers to use their credit card through PayPal without having to have a PayPal account. There is a transaction fee that goes down as your sales increase. The percentage is 2.9% for up to $3,000; 2.5% for $3,000 up to $10,000; and 2.2% for $10,000 to $100,000, plus a $0.30 fee for each transaction. There is no setup or monthly fee. Payflow Gateway is another service in which PayPal handles the security of your credit card transactions, including credit card encryption. Google Checkout is another service that similarly frees merchants from dealing with the issues of credit card encryption.
