Press Room

Press Release
It’s Eleven O’Clock: Do You Know Whose Fingerprints are on Your Credit Card Data?

In Recognizing National Cyber Security Awareness Month, B2B Tokenization Leader 3Delta Systems Offers Free White Paper on Safeguarding Corporate and Government Payments from a Toxic Data Spill

Chantilly, VA – October 01, 2009 – 3Delta Systems, Inc.® (3DSI), a leader in online credit card payment solutions and a pioneer in providing payment tokenization services that bolster the security of card transactions while minimizing the cost and complexity of regulatory compliance, today kicked off its observance of National Cyber Security Awareness Month by inviting businesses and government agencies to download a free white paper explaining how to better protect payment transactions from intruders by replacing sensitive credit card data with tokens that are useless to hackers. National Cyber Security Awareness Month, organized by the National Cyber Security Alliance (NCSA), raises awareness about the importance of computer security and helps educate businesses, governments and the general public about practices and technologies they can use to protect themselves online.

3Delta Systems’ free white paper, entitled CardVault®: Solving the Security Risk of Credit Card Data Breaches, explores the escalating risks of storing sensitive customer payment data on internal systems and steps that business-to-business (B2B) companies and business-to-government (B2G) agencies who accept credit card and pcard payments can take to relieve the worry about safeguarding their data if a security breach should occur. It can be downloaded at www.3dsi.com/products/cardvault-whitepaper.htm.

“We all have a hand in securing sensitive cardholder data, but knowing whose fingerprints are on your customers’ payment information and how that data is stored is vital,” said Aaron Bills, founder and chief operating officer of 3Delta Systems. “While no payment system on earth is 100 percent hack-proof, safeguarding card data with the highest encryption standards, translating that data into ‘tokens’ so they’re useless to hackers if stolen, and remotely storing that data with a PCI-compliant service provider are several steps that B2B and B2G merchants can take to protect themselves and their customers from a security breach,” he explained. “Study after study shows that failure to protect credit card and payment data from a breach leads to massive financial costs, customer defections and loss of reputation,” Bills added.

According to the Privacy Rights Clearinghouse, more than 263 million confidential data records in the U.S. – ranging from credit, debit and prepaid cards to Social Security numbers – have been exposed to identity thieves since January 2005 – a figure that the Clearinghouse says should be much larger, since the number of data records exposed for many of the reported breaches is unknown.

In a study released earlier this year, the Ponemon Institute found that data breaches cost companies an average of $202 per compromised record in 2008 – up from $197 in 2007. The cost of lost business accounted for $139, or 69 percent, of that total. Ponemon’s study also reported that companies suffering from a data breach last year averaged $6.65 million in related costs versus $6.35 million in 2007.

Using the combined findings of nearly 600 breaches involving more than a half-billion compromised records between 2004 to 2008, investigators at Verizon Business found that more electronic records were breached in 2008 than the previous four years combined. Their data experts concluded that nearly nine out of 10 breaches could have been avoided if basic security procedures had been followed and that most of the breaches did not require difficult or expensive preventive controls.

“Unless it’s absolutely necessary to retain cardholder data, don’t,” advises Bills. “While consumers are largely indemnified against credit card losses, merchants take it on the chin when there’s a card security breach. To minimize the risk of cardholder information getting into the wrong hands, they need to have the right security controls in place, stay on top of industry rules such as Payment Card Industry Data Security Standards (PCI DSS), and know which options are best for storing, processing and transmitting sensitive cardholder account data. Merchants who collect and store that data themselves often find the process to be a huge headache with potentially significant liabilities for them rather than a convenience for their customers. Enabling merchants to transfer their customers’ sensitive credit card and payment transaction data off site, where it is encrypted and stored at highly secure, PCI-compliant processing centers, is often the best solution.”

“Our customers have been using CardVault since 2003 to transfer their sensitive credit card and payment transaction data off-site where it is received, encrypted and stored at 3DSI’s secure processing centers,” Bills explained. “CardVault is ideal for commercial card-not-present transactions processing and features data conversion, real-time and file-based processing, and ‘cards-on-file’ for repeat customers, web- and/or mailtelephone- based (MOTO) customer order systems. It also integrates with existing enterprise-based systems so that retrieving, accessing or maintaining customer card data is easy, yet highly secure.”

“Plus, with 3Delta’s advanced payments system and Software-as-a-Service (SaaS) model, there’s no software to download or maintain because we manage all updates, maintenance and database backups – in real time, around the clock. And, because CardVault is built on our renowned Level-3 line-item detail and processing tools, 3DSI customers benefit from lower interchange rates and save money with every card transaction.”

download article