In light of recent security breaches and announced plans by other companies in the industry to address End-to-End (E2E) data security solutions, ProPay has been implementing an End-to-End data security solution over the past several months.
To that end, ProPay is announcing a complete End-to-End data security solution which reduces, and even eliminates, the risk merchants bear of having sensitive payment data compromised.
"Fees and fines for payment card breaches has cost companies millions of dollars in 2009, underscoring the need for companies' End-to-End data security strategies to extend beyond PCI compliance," says Gary Goodrich, CEO of ProPay, one of the first companies in the United States to offer a comprehensive End-to-End data security offering for the payment card industry.
The foundation of ProPay's approach starts with removing the existing sensitive data from a merchant and then providing a means of accepting and processing payments that don't require a merchant to store, transmit, or process sensitive payment data. From the point-of-sale where sensitive payment information is obtained, and a large percentage of credit card data is stolen, ProPay's products and services safely capture the data and protect it throughout processing, transmission and storage. With this data removed from a merchant's system, the merchant's PCI scope is significantly reduced and the associated risks of losing the data are removed.
"ProPay believes End-to-End is much more than just encryption - it's a full strategy that comprises security, compliance, storage, and single-vendor partnerships, as appropriate, to fit every organization's individual needs," continued Goodrich. "ProPay provides an End-to-End solution that we believe is unique in its ability to secure sensitive data by entirely removing it, while still enabling the merchant to perform their necessary business functions with the customer information."
ProPay's full E2E strategy takes a four-pronged approach:
- E2E Security - From the point where sensitive payment information is obtained and throughout transmission, processing and storage of the data, ProPay removes sensitive payment information from the merchant so they never touch the data. Removing the data removes the risks.
- E2E Compliance - ProPay alleviates most of the merchant's PCI validation requirements. Rather than having to deal with the burdens of evolving security standards and then hope that they are not breached, business owners can offload the information to ProPay, which specializes in the secure storage and handling of such sensitive data.
- E2E Data Storage - From payment card transaction data to financial, health care information and other sensitive personal information, ProPay ensures that sensitive data is archived and stored in a secure environment. A unique ID or token is used by the merchant for further transactions on the data.
- E2E Single Vendor Partner - ProPay has more than a decade of experience providing simple, safe and affordable merchant payment solutions to its customers, having gained knowledge and expertise in all areas relevant to acquiring, issuing, processing, and storing sensitive data.
"ProPay has demonstrated an industry leadership position by ensuring continual compliance with the PCI standard as well as ensuring security remains a core competency of their organization," said Chris Mark of the Aegenis Group. "ProPay developed the third generation ProtectPay and MicroSecure technologies specifically to reduce the risk to cardholder data and reduce the PCI DSS compliance burden of their clients."