Fraud Victims Rise, Encryption Schemes Leaving Security Gaps

Oct 23, 2018

In today’s digital world, encryption schemes are everything. Are you absolutely sure your business is protected? Recent reports might cause you to take a closer look at how you’re protecting your customers’ sensitive information.

At the point of sale, there are two encryption options: PCI-validated point-to-point encryption (P2PE) solutions and nonlisted encryption solutions, which lack several key requirements. The PCI Security Standards Council has validated 60 P2PE solution providers. However, there are also hundreds of nonlisted encryption solutions that are known as end-to-end encryption (E2EE) solutions.

“The trouble with unlisted solutions is that there may be no way for a merchant to know whether the provider has fully addressed the controls identified by the PCI Security Standards Council as necessary to properly protect the account data,” according to Coalfire, a P2PE assessor.

“Many of the unlisted solution providers Coalfire has reviewed do use very secure processes; however, since unlisted solutions have not been assessed under the standardized PCI P2PE framework by qualified assessors, merchants using these solutions may still need to implement additional security countermeasures to ensure threats associated with the absence of these controls.”

P2PE solutions that are validated have been assessed by a P2PE security assessor and have met the PCI P2PE standard. Those that have not been validated – nonlisted solutions – are missing the following key points:

  • Key management. The problem with poor key management is that it leaves the door wide open for hackers to comprise keys and unlock encryption. Nonlisted solutions do not have their key management processes audited regularly with PCI P2PE.
  • P2PE devices. The majority of device manufacturers offer certified versions of their devise that work with validated P2PE solutions and includes SRED (secure reading and exchange of data).
  • Key storage. Key storage and decryption happens in hardware security modules that have been validated by PCI.

How to Protect Your Business

How can you protect your customers’ sensitive information and protect your business? It’s critical that you implement solutions that immediately encrypt card data at the point of entry. Despite popular belief, EMV (chip cards) alone will not protect your business from card data compromises. The good news is that you can obtain an EMV card reader that has P2PE capability built in. You can also:

  • Assess your payment environment. Unfortunately, credit card terminals are not the only vulnerable devices. Take some time to assess your payment environment and see where you can improve. For example, many back offices and call centers are wide open and unencrypted.
  • Consider all your options. Most experts say that, compared with nonlisted encryption, P2PE offers a higher level of security assurance. This allows you to reduce compliance requirements by up to 90 percent.

If you need safe payment processing, consider working with the team at EMB. Our team has years of experience in working with high risk merchants, and offer payment processing solutions that keep your customers’ information safe. In addition to offering a secure merchant account, we are constantly adding features on a daily basis.

  • Fast approvals in 24 – 48 hours.
  • No set up fees for most merchants.
  • High Risk merchants approved.
  • High volume solutions: load balancing gateways and multiple MIDS.
  • Chargeback protection & chargeback prevention programs available.
  • iCheck Check Processing service, featuring quick payments.

If you need EMV support, fill out our application today. Our merchant services are tailored to all types of businesses and industries, including: gaming, bad credit, credit repair, nutraceutical, telecom, warranty, tech support, travel, ebooks, electronics, airlines, and many more. It takes just minutes to complete, and you can have an account setup in as little as 24 hours.

Let us help you get a high risk merchant account today!

Get Started

Award winning.

  • 2012
  • 2013
  • 2014
  • 2015
  • 2016

Having a merchant account allows an account holder to take advantage of merchant cash advances. When a merchant is approved for an advance, the business agrees to receive a lump sum of cash in exchange for an agreed-upon percentage of future credit card sales.

Pricing varies depending on the merchant’s industry, past credit card processing history, the type of business seeking the account, average ticket sales, and average transaction volumes.

Yes, EMB works with merchants who are building their credit, as well as those who have poor credit. EMB also approves merchants that have no credit card processing history and businesses that have lost their merchant accounts due to high chargebacks.

Several factors influence a merchant’s risk level. Though only one factor likely will not get a merchant classified as high risk, a combination of these may: business size, location, and industry, credit score, credit card processing history, a industry’s reputation for excessive chargebacks, a prior history of high chargeback ratios, and whether a merchant exclusively sells online.

Virtual terminals are stationed on a merchant’s website, making it easy for customers to make a payment or purchase online. Merchants or a payment processor can easily set up virtual terminals, so online businesses can accept credit and debit card and e-check transactions.

A merchant account is a business account with an acquiring bank. Without this business account, which actually works more like a line of credit, a merchant cannot accept and process credit and debit card transactions. Businesses need a merchant account to accept major credit cards via a static point-of-sale terminal, mobile card reader, or through a virtual payment gateway.

After filling out EMB’s simple online application and submitting any necessary, requested documents, many merchants get approved within 24 and 48 hours.

EMB specializes in working with high-risk merchants. EMB works with many merchants, including but not limited to businesses in these industries: gambling and gaming, adult entertainment, nutraceuticals, vaping and e-cigarettes, electronics, tech support, travel, high-end furniture, weight loss programs, calling cards, e-books and software, and telecommunications.

Live Chat