GS Logo
The Green Sheet, Inc

Please Log in

A Thing
View Archives

View PDF of this issue

Care to Share?

Table of Contents

Lead Story

Industry evolution demands adaptation


Industry Update

A new chapter in Cynergy's story

PCI SSC combats skimming with new merchant resource

Taking the industry's temperature

Gucci accuses processor, others of aiding sale of knockoffs

WSAA welcomes feet on the street

Super LINC a Marquis event


Shaping a well-rounded payment company

Payment companies get ink on Inc. 5000

Providing clarity to contracts

Selling Prepaid

Prepaid in brief

Experts counter prepaid's 'gotchas'

Prepaid cards reduce balance inquiry blues

Cherie M. Fuzzell
FirstView Financial

Cheers for card payments at U.K. private school


A path for success when stakes are highest

Biff Matthews
CardWare International


Street SmartsSM:
Strategic elements in business and blackjack

Jon Perry and Vanessa Lang

MLSs without borders

Caroline Hometh

Digging into PCI - Part 2: Securing the network

Tim Cranny
Panoptic Security Inc.

Do's and don'ts of merchant mining

Jeff Fortney
Clearent LLC

Negotiating agreements in the Great Recession

Adam Atlas
Attorney at Law

Company Profile

CoCard Marketing Group LLC

New Products

Dynamic referral management

LendingCycle Inc.

Protecting data, easing compliance

MerchantWARE TransPort
Merchant Warehouse


Your beliefs about money matter



Resource Guide


A Bigger Thing

The Green Sheet Online Edition

September 14, 2009  •  Issue 09:09:01

previous next

New Products

Protecting data, easing compliance

Product: MerchantWARE TransPort

A new product from Boston-based ISO Merchant Warehouse may remove a crucial portion of Payment Card Industry (PCI) Data Security Standard (DSS) compliance work from the scope of both merchants and POS developers.

The product, MerchantWARE TransPort, is software that integrates with existing POS systems and appropriates the task of capturing credit card transactions.

"This would be the equivalent of running your accounting package and credit card processing application totally separate from each other," said Henry Helgeson, President and co-Chief Executive Officer of Merchant Warehouse.

"We've said OK, run your POS software, work your kitchen printers and your order entry and everything else you need to, and when it comes time to give us a credit card transaction, just give us an amount and a payment type, and we'll take it from there."

Moving data to keep it safe

Helgeson said MerchantWARE TransPort captures card data almost immediately after it enters a POS system and re-routs it - taking it out of the merchant environment and directing it to MerchantWARE's gateway via a secure sockets layer route. Once there, the information is tokenized and returned to the merchant in a form that is unreadable to potential hackers.

As Helgeson explained, payment data is traditionally moved by the POS system sending transactions directly to the processing front-end.

But MerchantWare Transport works differently. "Instead of the terminal dialing out or calling out to the processor, what it will now do is send it to our MerchantWARE server and then we'll go ahead and make the connection to whatever front-end we choose," he said.

"No card data is stored on the system itself, so it's a one-time use. When you swipe that card and it comes through to us, there is nothing stored on the system after that. For any other transactions - for example, a void - we've left a token in the software that allows us to void the transaction without card data having to be stored on the POS system or the merchant's computer itself."

Alleviates several burdens

Helgeson said MerchantWARE Transport eases the burden on merchants and POS manufacturers in different ways. One way is it "streamlines the [PCI] audit" by effectively removing the chore of Payment Application (PA) DSS compliance and allowing merchants to fill out a much simpler self-assessment questionnaire, he said.

It also mitigates the financial burden of compliance. The costs of PCI audits can be huge - $10,000 or more - and outsourcing the job of payment data capture can lower that figure significantly, according to Helgeson.

Lastly, keeping payment data out of merchants' hands significantly reduces the threat of data breaches, Helgeson noted. He said vulnerabilities often arise in merchants' payment systems because the developers of such systems aren't "always specialists in credit card transactions and security" and are apt to leave security holes.

He added that while MerchantWARE TransPort is being marketed to merchants of all types, it is meant particularly for smaller merchant environments. "It has probably impacted merchants the most that have specialty POS systems, smaller types of systems," he said. "The smaller, niche merchants, they're working typically fewer installations, meaning they typically have less employees, less income, less resources. ... I wouldn't expect a large development house to do something like that; it has the resources to do a PA-DSS audit."

Merchant Warehouse

Notice to readers: These are archived articles. Contact names or information may be out of date. We regret any inconvenience.

previous next

Spotlight Innovators:

North American Bancard | Simpay | USAePay | Impact Paysystems | Board Studios