Ingenico, a provider of payment devices and services, announced on Thursday its Ingenico On-Guard payment transaction encryption and tokenization service offering as a complete cardholder data protection solution to Independent Software Vendors (ISVs) and merchants. Built on the industry accepted standards of 3DES DUKPT for point-to-point encryption (P2PE) and host-based tokenization technology, Ingenico On-Guard provides secure transaction processing and stored data security, pre and post-authorization, by encrypting and tokenizing card data at the point-of-sale.
Ingenico's customer, McAllister Software Systems, creator of AVImark software and other practice management tools for the veterinary industry, is one of the initial ISV to integrate Ingenico On-Guard with its payment card processing service.
"We're always looking for ways to offer the highest levels of data security for our veterinary customers, including the thousands of credit card transactions that we process each day," said Scott McAllister, president of McAllister Software Systems. "The Ingenico On-Guard solution is the best we've seen, so the integration with our McAllister Payment Solutions credit card service is a natural fit."
Ingenico On-Guard uses technology that follows industry best practices rather than proprietary technology, providing the highest level of risk reduction associated with payments data acceptance and storage. The solution is compatible with Ingenico payment devices that have already been deployed and offers an array of key differentiators, such as encrypting sensitive cardholder data from swiped, manually keyed, contactless and smartcard data transactions. In addition, the Ingenico On-Guard solution is offered to ISVs and merchants without a per transaction fee for encryption/decryption or hardware licensing fees, ensuring affordability and a widespread adoption.
Ingenico On-Guard is a flexible and scalable card data protection solution which can be easily tailored to fit any ISV's or merchant's payment data protection and PCI DSS compliance needs.
"As a secure payments device and service provider, ultimately we have one objective -- to help our customers protect their brand and drive their revenue by simply allowing them to focus on their business rather than worry about payments processing and data security," says Chris Justice, president of Ingenico, North America. "Our Ingenico On-Guard data security solution is designed with that objective in mind. We are able to offer and implement it in a manner that mitigates the cost and risk of payment acceptance."
According to the fifth annual 2010 Ponemon Institute U.S. Cost of a Data Breach Study, which surveyed nearly 1,000 IT managers, organizations are primarily motivated to adopt encryption by the need to comply with PCI data security standards and the fears about potential cyber attacks. Of the IT managers who took part in the study, nearly 2/3 of respondents said their organizations were implementing encryption in order to comply with some type of regulation. Of these, 64 per cent said they were being driven by the need to comply with PCI DSS. Likewise, tokenization, which allows merchants to securely access card data for future transactions, has also become an important PCI-compliant processing technology for merchants who need to access stored cardholder data.