Merchant Link SecurityCents

A blog that comments on the latest developments in the world of payments, payment data security and technology, PCI compliance, and more.

Posts Tagged ‘ Merchant Link ’

At Merchant Link, we never forget that we began as a service company. Our highly knowledgeable technicians, installers and support agents are empowered to do whatever it takes to take care of our merchants. We invest in our people through training and mentoring. We proactively monitor merchant sites. We seek feedback on improvements to our services and support. We continually strive to create a culture of superior service.

As Director of Service Delivery for Merchant Link, I invite you to learn more about the teams that make up our Service Delivery Group and the range of services they provide in this new brochure.

And, whether you’re already using Merchant Link or will be soon, check out this presentation for tips on how to get the most out of our services.

It’s always great to connect with our customers, and even more rewarding when we’re able to partner together to support an important cause. This week, in partnership with Carlson restaurants, we sponsored Have a Heart Fund’s annual Golf Classic to support T.G.I. Friday’s® team members who have experienced unforeseen tragedies such as a fire, tornado, life-threatening illness or serious accident. As Hurricane Isaac pounds the Gulf Coast, we’re all reminded once again how important it is to reach out and lend a helping hand when disaster strikes.

Despite recently spending $150 on golf lessons, my game was nothing but a series of shanks, hooks and duffs.  On the positive side though, more than $100,000 was raised this year, along with an additional $25-$30,000 at the live auction!

Whether my golf game was on par or not, we had a fun time playing golf with the MICROS folks.
(L to R: Sal Marin, MICROS Account Exec.; Troy Mechura, Director of Business Development; Jeff Pinc, VP of Sales for Major Accounts at MICROS)

After golf, everyone gathered for a silent auction and dinner where personal stories were shared about people who have benefited from the charity. Have a Heart has raised more than $4 million over the past six years.

SILVER SPRING, MD (April 23, 2012) – Merchant Link, a leading provider of payment gateway and data security solutions, today announced it has been designated by AmericInn International, LLC as the preferred provider of payment and data security services for its franchisees. AmericInn® is one of the fastest growing limited service lodging chains with over 260 locations in 27 states. Locations utilizing an integrated property management system for payments are now required to install the Merchant Link solution.

“As credit card data breaches continue to make headlines, and as we continue to grow our business, we knew we had to do everything possible to secure the personal data of our guests,” shared Mark Nicpon, CIO, of AmericInn International, LLC. “Merchant Link’s hosted solution secures cardholder data from the moment of capture and ensures data is not stored anywhere on premise. The solution also helps ease PCI compliance effort and cost for our franchisees.”

The comprehensive solution incorporates the Merchant Link Payment Gateway, TransactionVault tokenization and TransactionShield point-to-point encryption technology. The Merchant Link Payment Gateway provides connectivity to all major processors and sends payments quickly, while detecting and correcting errors along the way. TransactionVault removes guest credit card data from hoteliers’ systems and stores it in a secure, hosted “vault” – away from the business and safe from hackers. TransactionShield encrypts data at the point of interaction and protects it as it travels through the hotel’s IT environment. Decryption occurs within Merchant Link’s cloud-based payment gateway, reducing the risk of comprise.

“AmericInn understands the importance of processing payment transactions securely as well as the value of the support services we provide their franchisees to access information and immediately remediate problems,” said Dan Lane, Merchant Link’s President and CEO. “We are proud that AmericInn has selected Merchant Link as the brand standard for its franchisees and we look forward to working with them.”

Installations are already underway and adoption across the entire chain is expected to be complete over the next 12 months.

About AmericInn
AmericInn® is a leading mid-scale lodging chain with over 260 locations currently open or under development in 27 states. The brand is dedicated to providing an exceptional lodging value for its guests by offering great rates and amenities such as free, hot, home-style AmericInn Perk breakfast, free hotel-wide wireless high-speed Internet, inviting swimming pools and Easy Rewards. AmericInn is part of Northcott Hospitality, owner and developer of successful franchised hospitality brands for more than 50 years. For more information on AmericInn development opportunities visit or call 1-866-220-7140. For AmericInn reservations visit or call 1-800-634-3444.

Options to include hosted payment page and encryption

SILVER SPRING, MD (April 16, 2012) – Merchant Link, a leading provider of payment gateway and data security solutions, today announced that it is developing an innovative e-commerce solution for merchants to process payments securely in card-not-present environments. Agents who are interested in promoting this solution to their merchants should contact us through our merchant residual website.

Working closely with industry-leading partners, Merchant Link will offer two options to secure
e-commerce transactions and online payments:

  • Hosted Solution: This option will enable a secure process to route sensitive cardholder data directly from the checkout page to the Merchant Link gateway while preserving the look and feel of the merchant website, enabling a seamless user experience.
  • Encrypted Solution: This option will encrypt sensitive cardholder data at the moment of capture and prevent such data from being available to the e-commerce application or merchant.

Both options will significantly improve data security while reducing PCI scope and costs by blocking merchant access to cardholder data, the encryption and decryption environments, and to key management operations.

“This offering reflects our ongoing commitment to expand the breadth and depth of our services to provide merchants with all the options, security, support and flexibility they need when it comes to payments,” said Dan Lane, Merchant Link’s President and CEO.

The new solution is expected to be available by the end of the year.

Webcast #4 in our payments education series is up!

In this video, we take a look at merchant services, pricing, and what you can do to better manage your processing costs.

Check it out and let us know what you think.

The Verizon RISK team has published the highly anticipated 2012 Data Breach Investigations Report.  After seeing steady declines for the past two years, the report finds that breaches skyrocketed in 2011, boasting the second-highest data loss total since the Verizon team started keeping track in 2004. While mainline cybercriminals continue to target monetarily valuable data, 2011 saw a re-invigoration of online activism. “Hactivism” is targeted towards larger organizations worldwide with the intent to damage the brand and embarrass the organization. In addition to the significant increase in number of attacks, the report shows organizations required to be PCI DSS compliant continue to struggle. According to the report 96% of breach victims were not compliant as of their last assessment (up 7% from last year).

Most Afflicted Industry
The report found that once again, the most afflicted industry was Accommodation/Food Service (Restaurants 95%, Hotel 5%). The report found that nearly three-quarters of automated opportunistic attacks hit the Retail/Trade or Accommodation/Food Service industries. Even though the amount of data per business is small, these “industrialized” attacks are carried out against large numbers in a surprisingly short timeframe encountering almost no resistance.  Many of these are small to midsize level 4 merchants who are failing in assessing and achieving PCI DSS compliance.

Most Used Techniques
External agents continue to be responsible for the largest proportion of breaches in 2011 (98%). The report shows the most common external breach techniques utilize some combination of hacking and malware (61%). Linked to almost all compromised records is circumventing authentication using stolen or guessed credentials (84% of records).

While internal employee breaches fell again this year to only 4% of total incidents, there is an interesting correlation to the food service industry. Most affected by internal employee breaches were smaller businesses and independent local franchisees of larger brands. The highest percentage of internal incidents belonged to money handlers such as the Cashier/Teller/Waiter category (65%) and the Manager/Supervisor category (15%).

Most Compromised Devices
With the Accommodation/Food Service industry continues to be the most targeted, it is not surprising that the highest percentage of user device compromises consist of POS Terminals (35%), Desktops (18%) and ATMS (8%). The report recommends training staff to detect signs of device tampering and to look for anti-tampering technology in POS and PIN devices.

Mitigating data breach threats can range from simple solutions to costly and complex systems. The report shows overwhelmingly that implementing a few basic safeguards has a big impact for small and mid-size companies that make up a large portion of the Accommodation/Food Service sector. These companies should look to:

  • Implement a firewall on remote access services
  • Change default credentials of POS systems and other Internet-facing devices
  • Make sure your POS is a PCI DSS compliant application
  • Eliminate unnecessary data on site

To assist in eliminating data on site, consider combining tokenization and point-to-point encryption to protect both stored data and data in-flight. Tokenization eliminates storage of actual cardholder data, while point-to-point encryption protects data in-flight from the point of interaction and as it travels through the merchant’s IT environment. If you get rid of the data, you get rid of the risk.

Combined gateway, tokenization and point-to-point encryption solution to be integrated into another major point-of-sale system

SILVER SPRING, MD (March 26, 2012) – Merchant Link, a leading provider of payment gateway and data security solutions, and XPIENT Solutions, a leading provider of point-of-sale, back office, and enterprise management technologies for restaurants, today announced a partnership that allows restaurant operators to increase the security of their payment transactions and cardholder data and benefit from the flexibility and support of a payment gateway service.
“We know restaurateurs are looking for ways to address the ongoing threat of theft and fraud, and we were impressed with Merchant Link’s solution that secures both data in-flight and at rest,” said Christopher Sebes, XPIENT’s President and CEO. “Our customers will also value the flexibility of Merchant Link’s processor-neutral gateway as well as the ability to bolster loyalty programs using Merchant Link’s card-based tokens.”
The integration pairs XPIENT’s innovative point-of-sale (POS) system with Merchant Link’s Payment Gateway, TransactionVault tokenization and TransactionShield point-to-point encryption solutions. Certification is complete and the first beta site is expected to be live within a few weeks.
“XPIENT is a recognized leader in the industry, working with some of the biggest brands and specializing in the quick service restaurant (QSR) segment where we are expanding,” said Dan Lane, Merchant Link’s President and CEO. “This partnership makes sense for both companies to be able to offer more options in the increasingly complex and varied world of payments today.”

Webcast #3 in our payments education series is up!

In this video, we take a closer look at interchange and at the various ways you can keep costs as low as possible.

Check it out and let us know what you think.

Last week, we introduced a unique educational series focused on the fundamentals of credit card processing.

Today, we bring you webcast #2!  “Understanding Transaction Fees” provides insight on the different types of transactions fees and how are they calculated and collected.

Check it out and let us know what you think by leaving a comment below.

Here on the SecurityCents blog, we talk a lot about strategies to secure cardholder data, and what’s happening in the world of payments in general. As part of our ongoing commitment to empower merchants with tools and information to better manage their payments, we’re kicking off a webinar program today, starting with a series on the fundamentals of credit card processing.

This unique series will begin with four recorded webcasts, and will answer questions such as:

  • How do credit card transactions flow through the network and who are the players involved?
  • What are the different types of transaction fees and how are they calculated?
  • What can merchants do to reduce their processing costs?

Then, we’ll host a couple of live webinars April 4-5 where we’ll outline valuable best practices to help you run a more efficient and profitable business. Attendees will also have the opportunity to submit questions to be answered live by our panel of experts.

View our first webcast and sign up for the live webinar by clicking here or on the EDUCATION tab above. And let us know what you think by leaving a comment below.