Merchant Link SecurityCents

A blog that comments on the latest developments in the world of payments, payment data security and technology, PCI compliance, and more.

Is There Still a Place in the Payment System Infrastructure For a Gateway?

November 30, 2010 | No comments | PCI Compliance

Written by: admin

by Dan Lane

With all the changes introduced by the revisions to the PCI-DSS standard in recent weeks, it’s worth taking a critical look at your payments system infrastructure to make sure you have the technology in place to process transactions securely.

One thing we have noticed when discussing PCI-DSS compliance with our customers and prospects is that they have questions about whether a payment gateway still simplifies their electronic payment processing now that tokenization and point-to-point encryption (P2PE) solutions are being touted as the new security catch-alls.  Some payment and technology providers are introducing support for tokenization and P2P encryption, and so the gateway – a secure high-speed payments network that connects a point-of-sale terminal to payment processors – might be considered an unnecessary layer.

Still, what makes the most sense is for companies to use all of these solutions in combination as a layered defense against breaches.

And since payment gateways are designed to support more complex merchant environments, the gateway provides not only an added layer of defense, it also allows for processor choice and the peace of mind that comes with having a solution that is supported end to end.

Flexibility and Control: Avoid Vendor Lock-In

A gateway connects merchants to all major processors and offers the flexibility to switch between processors and payment providers quickly and efficiently, keeping the merchant in control of their offerings and rates.  Merchants with franchisees can offer them the choice of processors and maintain a secure and consistent payments acceptance process across their brand.

Service and Support When Issues Occur

Tokenization and P2PE solutions will distance the merchant further from the actionable credit card numbers, so when problems do occur, it’s critical that the payment gateway or security provider offering the security service takes responsibility to resolve it.  Without access to the card data for problem resolution, the merchant needs to ensure that their vendors offer high-touch support to access information and immediately remediate problems.

Five Questions to Ask

If you are a merchant who is considering tokenization or P2P encryption and considering a gateway and or a direct-to-processor solution, here are five important questions to ask:

  1. What kind of support can I expect when my batches fail or I need to resolve a payments-related problem? Will you take responsibility for helping with the resolution?
  2. How complex is the set-up and installation across all my stores?
  3. How easily will I be able to change processors when my processor contract expires?
  4. How tightly integrated is the security with my point-of-sale and merchant network?
  5. Will I have to invest in new software?

Let us know your thoughts below.

Related content:

  1. 3 Reasons Why a Payment Gateway is Better Than a Client-to-Processor Connection
  2. Merchant Link Launches Next Generation Payment Gateway for Restaurant Sector
  3. Merchant Link to Provide End-To-End Encryption and Tokenization for Secure Credit Card Transactions
  4. Myth: Shopping for a Point-to-Point Encryption Solution is as Dreadful as Fighting Crowds on Black Friday
  5. AmericInn Designates Merchant Link Solution as Brand Standard for Payment and Data Security
Better Related Posts Plugin

Tagged as: , , , , , , ,

Write a Comment