Transaction Security

Merchant Guard

What is Merchant Guard?

Merchant Guard eliminates clear text credit card and payment information from a merchant's system, regardless of the processing method. Merchant Guard will remove your business network completely from handling any sensitive payment data. No matter what type of transaction processing used, clear text credit card data will never be transmitted nor stored on your network, equipment, or devices. By ensuring that every interaction is completely secure, you can rest assured that if an intruder is accessing your network, they have no access to any sensitive credit card information.

Visa and Mastercard have stated that the safety of cardholder data is the responsibility of the merchant. The Merchant Guard suite includes everything you need to take your business out of the loop of having to protect cardholder data, and it virtually eliminates the burden of PCI compliance.

How Does it Work?

Once activated, Keyed-In transactions (MOTO), Swiped transactions (Card Present), and E-Commerce transactions (Card-Not-Present) function only using encrypted and secured credit card data. If a merchant attempts to process an unencrypted credit card, Merchant Guard will defend the transaction attempt by disallowing any data to be transmitted or processed.

  • Keyed-In Transactions: An encrypted keypad will be supplied to any users that will manually be keying-in credit cards to process or search for transactions.
  • Swiped Transactions: An encrypted card reader and licensed software will be supplied to any users that will be performing card-present swiped transactions. A Mobile Payments application will be supplied to any users that will be performing Mobile Payments.
  • E-Commerce Transactions: Lock down all web-based customer-entered payment data to require collection via a 3-Step Redirect API.

Customer Guard

Customer Security Concerns

The Customer Guard was designed specifically for businesses of any size to address security concerns about handling customer payment information. Visa and MasterCard have instituted the Payment Card Industry (PCI) Data Security Standard to protect cardholder data wherever it resides, ensuring that members, merchants, and service providers maintain the highest information security standard.

These associations have also deemed that merchants will be held liable for any breach of cardholder data. This has become a major concern for business who may handle credit card or electronic check payments, but are looking to avoid the tremendous costs and resources involved in becoming PCI compliant.

Customer Guard Solution

The Customer Guard allows merchants to transmit their customers' payment information through a Secure Sockets Layer (SSL) connection for storage in CornerPay.NET's Level 1 PCI-certified data facilities. Once the customer record has been securely transmitted to the Customer Guard, the merchant can then initiate transactions remotely without having to access cardholder information directly. This is accomplished without the merchant storing the customer's payment information in their local database, business, network, device, or payment application.

Furthermore, using the Network Merchants Browser Redirect Method together with the Customer Guard allows businesses to process transactions without transmitting any payment information through their website shopping cart either. This unique approach provides state-of-the-art application flexibility without any PCI compliancy concerns. The Network Merchants Redirect API (Advanced Programmers Interface) is available by request.

PCI Certify

What is PCI Certify?

PCI Certify is an automated tool, managed by CornerPay.NET and accessible via a web browser, that provides an easy way for merchants to satisfy their Payment Card Industry (PCI) compliance requirements. According to the PCI Security Council, merchants and agents are required to adhere to strict PCI Data Security Standards (DSS) or risk losing their ability to process transactions.

With PCI Certify, merchants and agents are have the opportunity to quickly and securely gain compliance with a simple solution that includes receiving a validation certificate upon completion.

3-Step Redirect API

The 3-Step Redirect API methodology ensures secure data transmission by keeping your business from seeing, touching, handling, transmitting, and even storing any sensitive payment information. It is all handled securely by CornerPay.NET.

By taking you outside the scope of handling sensitive payment information, the 3-Step Redirect API minimizes the cost and complexity of industry regulations and standards; especially the Payment Card Industry Data Security Standard (PCI-DSS).

The customer never knows they left your website. The seamless look and feel is always kept throughout the process.

How Does it Work?

Here is an example of a typical transaction involving the Three Step Redirect API:

  • Catherine, the customer, enters Wally's Website to purchase his famous wallpaper. Catherine picks out her favorite design and goes to Wally's checkout to make the purchase.
  • Wally itemizes the products in Catherine's shopping cart and creates an invoice, which he sends to the Payment Gateway. The Payment Gateway receives Wally's invoice and responds to Wally, providing him a URL where Catherine goes to enter her sensitive payment information.
  • Catherine leaves Wally's website seamlessly, and submits her payment information to the Payment Gateway bypassing Wally completely. The Payment Gateway combines information from Wally's invoice with Catherine's sensitive payment information and returns Catherine back to Wally's Website.
  • Wally sees Catherine has returned and receives a token from the Payment Gateway confirming terms of the transaction. Wally can then suggest other items for Catherine to purchase or instruct the gateway to process the transaction.

All of the above takes place in just a few seconds!

Virtual Terminal

Virtual Terminal enables businesses to process card-present transactions using any personal computer. This easy-to-use POS application was designed to work with Windows® based systems.

The Virtual Terminal solution uses the storage and reporting features of the payment gateway. Its supported hardware includes security features of next generation end-to-end encrypted card readers with signature capture. Merchants using Virtual Terminal and its supported hardware have instant record retrieval capabilities. Receipts with signatures are stored in the gateway and can be emailed to your customers directly.

Key Features

  • Record Retrieval - Immediately locate signed receipts stored in the gateway.
  • Signature Capture - Include digital signatures with chargeback representments.
  • Useful Data Storage - Utilize up to 20 fields, defined by you, for business analytics.
  • E-mail Receipts - Automatically e-mail your customers transaction receipts.
  • Green Initiative - Paperless receipts save trees and the environment.
  • Enhanced Security - End-to-end encryption technology protects against breach.