A payment card breach can put micro-merchants out of business, so what can they do to prevent it?
London, 24th August 2020: Payment card data breaches have resulted in financial losses and sometimes business failure for merchants and service providers that have been inept in protecting IT systems and business payment processes. The problem is not just limited to high-profile corporates as breaches can occur with small- to micro- businesses employing less than 20 people, for example, convenience stores, petrol pumps, sole traders, etc.
How do small-/micro-merchants protect card data in their merchant network and have a secure payment solution in place painlessly? Is there a simple, low-cost process that can mitigate risk of card breach and ensure total security during card payments for micro-businesses to be compliant to PCI-DSS (payment card industry data security standard)?
IPOSUP (as well as card schemes such as Visa and MasterCard), suggest the following simple steps to prevent card breaches:
- Use Point-to-Point Encryption (PTPE) of card data from card terminals to the payment processor such as IPOSUP,
- Process only Chip and PIN and Contactless payments, hence, do not accept magstripe nor manual card entry of cards,
- For In-App and Website payments, use HCE card tokenisation,
- Eliminate card data completely in merchant environment by never asking for card numbers for phone orders, instead send a payment URL link to the cardholder for initiating a card payment by downloading the IPOS WALLET app.
IPOSUP is now deploying micro-merchant card payment service with free IPOS bric chip and PIN and IPOS soft Contactless readers that encrypt card data preventing breaches (www.iposup.com). IPOSUP’s PTPE and HCE card tokenisation solution complies with security recommendations specified by Visa and Mastercard and Payment Card Industry Security Standards Council (PCI SSC).
“Our mobile IPOS bric and soft card payment solutions are based on Visa and Mastercard HCE EMV Tokenisation standards. By effectively removing clear card data from the merchant’s network, we have helped our micro-merchants to eliminate any effort required in achieving PCI DSS compliance and effectively taken their physical POS and m-commerce sites out of scope.”, says Dr Patni, CEO of IPOSUP.
IPOS bric and IPOS soft mobile card payment solutions are expected to be launched pre-Christmas 2020. Benefits include:
- Achieve highest level of security:
- Card data encryption within IPOS bric and soft chip & PIN and contactless readers with decryption at the host
- Card tokenisation support within m-commerce merchant apps
- Industry Standard DUKPT Encryption within the IPOS WALLET app
- No need for merchant PCI-DSS certification using external QSA
- Ease of merchant registration and secure remote key injection
- Significant reduction in chip & PIN, contactless and In-App payments processing costs with only 1.3% merchant service charge
IPOSUP is the trading brand of HCE Service Limited which is a global mobile payments and tokenisation services company. It provides highly secure In-App, web, EMV Chip and PIN, contactless and Gift card payment services to independent and multi-chain merchants.
Founded in the UK in 2015, HCE Service is led by a team of over with 150+ years experience in the payments industry.
IPOS WALLET app and host payment gateway empowers micro-merchants to quickly accept standalone and integrated card payments within stores, mobile in-app and web commerce channels with no capital investment and only card transaction fees of 1.3% for Visa and Mastercards.
IPOS WALLET cost-effective card payments solutions are constantly enhanced to benefit EPOS, Kiosk, Hospitality, Mobile and Internet environments. HCE Service supports simple, mobile digital card wallets certified with Visa VTS and Mastercard MDES token services and “PIN on Glass” mobile payments using commercial off-the-shelf mobile devices meeting the PCI SPoC standard.
IPOSUP focuses on ‘providing excellent customer and partner experiences anytime, anywhere’.