3Delta Systems Urges Businesses to Adopt Best Practices for Fighting Credit Card Theft and Fraud During National Cyber Sec

October 4, 2011

Tools

B2B Tokenization Leader Issues Top 10 Tips for Keeping Confidential Payment Data Safe

CHANTILLY, Va.--(BUSINESS WIRE)-- 3Delta Systems, Inc. (3DSI), a leader in online credit card processing solutions and a pioneer in safeguarding confidential payment data through tokenization, today observed National Cyber Security Awareness Month by issuing a set of business best practices for protecting customer credit card account information and minimizing corporate exposure to online payment scams.

Entitled “10 Business Best Practices for Fighting Credit Card Theft and Fraud,” 3DSI’s tips consists of tried-and-true tools and techniques for companies to use in detecting and deterring online thieves from stealing sensitive payment data from their computer systems. The best practices are available for download from 3Delta Systems’ site.

“Given the ingenuity of cyber criminals and the sheer volume of electronic business-to-business (B2B) payment transactions, someone – somewhere – will inevitably break through your company’s front-end access control and authentication safeguards,” said Aaron Bills, founder and chief operating officer of 3Delta Systems.

“A sound business payment security system shouldn’t merely detect intrusions,” Bills explained. “It should also plan for ‘graceful failure’ – a strategy that assumes, if one safeguard fails and a perpetrator gains access to one part of your computer network, other countermeasures will be in place to contain the attack, render it less harmful or lock down confidential data so it’s worthless to hackers.”

Study after study shows that failure to protect sensitive payment data from a breach leads to massive financial costs, customer defections, lawsuits and loss of reputation.

According to the Ponemon Institute’s latest U.S. Cost of a Data Breach Study, data heists during 2010 cost companies an average of $7.2 million, or $214 per compromised customer record – up 7 percent from $6.75 million, or $204 per record, in 2009. When the Institute launched its first data breach study in 2005, the average was $4.54 million, or $138 per record.

Any business that accepts or processes credit cards or purchase cards (p-cards) online, in a store, by phone or by mail must protect and restrict access to that data according to 12 specific Payment Card Industry Data Security Standards (PCI DSS) established by the major credit card brands that make up the PCI Security Standards Council.

“Multiple deterrence layers in secure payment platforms, such as 3Delta Systems’ Payment WorkSuite^® , were designed to thwart breach attempts because of permission-based business rules that serve as virtual padlocks on information access so there’s less to steal if a thief does break in,” Bills added. “A deep, multilayered system should combine user IDs, passwords and access tokens with tight rules around who needs to see or authorize confidential information such as credit card types and accounts, then provide exceptions for specific people and circumstances. We recommend setting very granular limits on transaction size and transaction velocity, based on time of day and day of week, so that nothing and no one get past your virtual front door after normal working hours. It’s also a good practice to create a detailed audit trail of information access so that you’ll know who touched what data and when.”

3Delta Systems, which has met the strictest PCI compliance requirements for payment data security eight years in a row, launched Payment WorkSuite earlier this year as a powerful, easy-to-use platform built from the ground up to save enterprises money on payment processing costs, improve their productivity and protect sensitive information from prying eyes.

The company also pioneered credit card tokenization technology in 2003 called CardVault^® that enables merchants to exchange their customers’ confidential card data for randomly generated payment “tokens,” a process that safely replaces real card numbers with a string of characters which then become useless to would-be hackers. Merchants use only the token key reference for each customer transaction while the real card data remains offsite at 3DSI’s secure processing centers.

National Cyber Security Awareness Month, conducted every October since 2004 by the National Cyber Security Alliance, heightens awareness of cyber security issues and promotes best practices for online safety among businesses, governments and the general public. More information about the organization and this annual awareness-raising initiative can be found at www.staysafeonline.org

About 3Delta Systems

3Delta Systems, Inc. [www.3DSI.com] is a payment solutions company that delivers the power of secure, Internet-based purchase and credit card processing solutions to enterprise, business-to-business and business-to-government customers. 3DSI’s complete suite of payment solutions – each designed from the ground up to be scalable, easy to implement and conform with PCI Data Security Standard best practices – enables merchants and buyers to manage, authorize and settle payment transactions in real-time. As a leading Software-as-a-Service provider, 3DSI processes an average of 1 million transactions every month worth $1 billion for more than 10,000 merchant accounts and 30,000 users who handle corporate and government payments. Since its founding in 1999, 3DSI has served more than 6,000 corporations and government agencies.