As card fraud continues to rise — identity fraud grew 12% in 2009, according to Javelin Research, and credit card fraud is the biggest example of that — the segment of the transaction chain in which transactions move from merchant to payment processor is often considered the weakest link, security-wise. First Data has rolled out a payment security service for merchants called TransArmor and expects more than 100,000 merchants to sign up for it by the end of the year.
TransArmor replaces card data with a token number that preserves the value of card data for merchant business operations but removes value for fraudsters. According to First Data, this enables merchants to reduce the scope, risk and costs associated with PCI compliance without requiring new hardware or extensive changes to existing business processes.
First Data completed a pilot in June 2010 that tested the TransArmor solution at 150 merchant locations. Factors assessed during the pilot were average latency time, which First Data says averaged less than one tenth of a second per transaction, and ease of implementation for merchant adopters, all of whom used existing POS terminals for the test, according to First Data.
The TransArmor solution tokenized the first commercial transaction over the STAR Network, a First Data company, at the Center of Science & Industry in Columbus, Ohio on Feb. 26, 2010. Breakers Motel in Grand Isle, La. also signed up for the TransArmor pilot in March.
“Protecting our customers’ payment card data is a priority for our business, but strong security can be a significant challenge to implement,” said Anna Janise, manager of Breakers Motel. “Adding the TransArmor service to our existing point of sale required almost no effort on our part, and didn’t impact our business operations. We’re more confident that the cards we accept stay safe, and most importantly, it keeps our focus on our customers, not on becoming security experts.”
Value-added resellers including Data Business Systems, which focuses on both the restaurant and retail industries, have connected the TransArmor solution to their POS software offerings.
“Security is essential to our customer base, and they want that security built into products that run their business today,” said Robin Vaughan, chief technology officer at Data Business Systems. “We recently integrated the TransArmor solution with our TransAction + payments middleware product because it’s a truly unique and intuitive data security service that we believe will be invaluable to our clients who utilize either POSitouch or SAP POS solutions.”
The TransArmor service uses RSA's SafeProxy architecture to encrypt and securely transport cardholder data to First Data and replaces it with a token as part of the transaction authorization process. Unique features of the token make it possible for merchants to continue to handle key business functions such as returns, recurring billing, loyalty programs and other analysis, without enabling card data to be used for fraudulent transactions. First Data provides a limited warranty against compromise of the token number in the event it is used to conduct a fraudulent transaction. The TransArmor solution meets or exceeds all of Visa’s recently released best practices for card data tokenization, First Data says.