Click here to close now.

SYS-CON MEDIA Authors: Leon Fayer, Ruxit Blog, Carmen Gonzalez, Kevin Jackson, Peter Silva

News Feed Item

Payment Processors and Device Manufacturers Embrace Voltage Security(TM) Point-to-Point Encryption

Voltage SecureData Payments(TM) Empowers Merchants With the Highest Level of Security to Mitigate the Risk of Cardholder Data Breaches

CUPERTINO, CA -- (Marketwired) -- 05/07/14 -- Expanding its leadership in the retail payments industry, Voltage Security today announced that Uniform Industrial Corporation (UIC) now supports Voltage Format-Preserving Encryption™ (FPE), a powerful component of Voltage SecureData Payments™ with Voltage Identity-Based Encryption™ (IBE), providing merchants with P2PE (point-to-point encryption), otherwise known as end-to-end encryption, from a payment reading device to a trusted processing host.

This expands a previous partnership with Heartland Payment Systems in which UIC and Voltage provided end-to-end encryption for Heartland's E3™ security solutions, delivering reliable, secure terminal-based communications with billions of transactions on hundreds of thousands of merchant locations across global deployments.

"We see the headlines every day -- retailers are increasingly faced with tremendous pressure and risk when it comes to payment processing and it cuts to the core of their business by impacting customer trust. Malware in the retail IT systems, especially the traditional POS, has resulted in major costly breaches world-wide. We take our role as a technology partner very seriously and we are dedicated to developing solutions that provide the highest level of protection against data loss or breach, as well as enabling PCI compliance cost scope reduction, all at significantly lower implementation and management costs," explained Mark Bower, vice president of product management, Voltage Security.

UIC is now offering Voltage SecureData Payments with Voltage Format-Preserving Encryption to users of its devices of the MSR215E and MSR215T secure MSR readers, and PP790SE and PP795SE All-in-one PIN Pads, as well as the TS890 and TS900 payment terminals.

"We are excited to offer this cutting edge technology and to deliver secure and robust payment devices. By introducing Voltage enabled card readers and PIN pads, not only does it simplify the complex payment security key management, it also establishes the highest level of security to protect payment operators and card holders from fraudulence," said Albert Li, vice president, sales/business development, UIC.

From authorization and settlement, through business processes such as charge-backs, loyalty or repeat payments, merchants and processors must be able to reliably protect credit card data at rest and in transit, and, at the same time, reduce PCI scope as much as possible, without impacting business workflows or customer facing business processes.

"Our partnership with UIC is another example of how widely available Voltage end-to-end encryption is across the payments industry. Businesses have the option to implement Voltage SecureData Payments on a wide variety of payments devices and perform decryption within their own data environments or with a Voltage platform partner, and Voltage works with six of the top eight U.S. payment processors," said Bower.

By strongly encrypting cardholder data at the read head, using tamper-resistant and tamper-evident payment devices, any malware installed on the intermediate POS systems would only have access to the ciphertext, while the keys necessary to decrypt it stay safely inside the most secure PCI environments at the decryption endpoint. The cipher text, using Voltage Format-Preserving Encryption (FPE), can be used by those POS systems, just as the original plaintext was; but, it is useless to any attackers.

Voltage SecureData Payments Dramatically Lowers Management and Compliance Costs

Voltage SecureData Payments is a complete payment transaction protection framework, built on breakthrough technologies encompassing encryption and key management: Voltage Format-Preserving Encryption (FPE) and Voltage Identity-Based Encryption (IBE). These technologies provide a unique architecture that addresses the complexity of retail environments with high transaction volume.

With Voltage FPE, credit card numbers and other types of structured information are protected without the need to change the data format or structure. In addition, data properties are maintained, such as a checksum, and portions of the data can remain in the clear. This aids in preserving existing processes such as BIN routing or use of the last 4 digits of the card in customer service scenarios.

Voltage IBE is a breakthrough in key management that eliminates the complexity of traditional Public Key Infrastructure (PKI) systems and symmetric key systems. In other words, no digital certificates or keys are required to be injected or synchronized. IBE also enables end-to-end encryption from swipe-to-processor and swipe-to-trusted-merchant applications.

Voltage Secure Stateless Tokenization™ (SST), adopted by major global retailers, is an advanced, patent-pending data security technology that provides enterprises, merchants and payment processors with a new approach to help assure protection for payment card data, with significant Payment Card Industry Data Security Standard (PCI DSS) audit scope reduction. Voltage SST technology dramatically improves speed, scalability, security and manageability over conventional and first-generation tokenization solutions.

Voltage SecureData Payments delivers:

  • Reduced PCI audit cost and scope -- End-to-end encryption can be combined easily with tokenization to provide merchants with complete choice in reducing PCI audit scope.
  • Reduced risk of data loss or breach -- Cardholder data is protected or tokenized when it is stored, transmitted, or used. When deployed with sound internal controls, Voltage SecureData Payments renders sensitive information useless to unauthorized users, mitigating risk of data breaches at any point in the payment stream.
  • Significantly lower implementation and management costs -- Keys are securely generated on demand and not stored; point-of-sale (POS) terminal devices are not subject to key injection; and key rotation is automated and transparent, thus eliminating labor-intensive processes and reducing costs.

Voltage SecureData Payments Terminal SDK can be implemented on most payment devices (both traditional and mobile) and payment processing systems. Voltage is already integrated into leading payment card reading devices and pin-pads, offering merchants the flexibility to support the hardware of their choice. The complementary SecureData Payments Host SDK, which performs the decryption of the cardholder data when teamed with Voltage SecureData Appliances and Thales HSMs, supports a wide variety of platforms, including Windows, Linux, HP NonStop, Stratus VOS, and IBM z/OS.

For more information, visit https://www.voltage.com/products/securedata-payments/

For a complete list of payment terminal partners, visit https://www.voltage.com/partners/payment-partners/.

About UIC
Uniform Industrial Corporation positions itself as a professional DMS manufacturer in the payment industry. Since its inception in 1983, UIC has been a leading national provider of award-winning components and systems for banking, and retail solutions. The company's simple-to-use products combine affordability, reliability, and performance to enable the most high-value and secure transactions. UIC's innovative products have allowed fast, affordable and reliable payment products driven by unique technological developments in the payments industry. The company has branches in Fremont, USA and Frankfurt, Germany to support the American and European markets. UIC seeks to offer its partners cutting-edge solutions and outstanding customer service that exceed expectations.

About Voltage Security
Voltage Security®, Inc. is the world leader in data-centric encryption and tokenization. Voltage provides trusted data security that scales to deliver cost-effective PCI compliance, scope reduction and secure analytics. Voltage solutions are used by leading enterprises worldwide, reducing risk and protecting brand while enabling business. For more information see www.voltage.com.

Notes: All Voltage trademarks are property of Voltage Security, Inc. All other trademarks are property of their respective owners.

More Stories By Marketwired .

Copyright © 2009 Marketwired. All rights reserved. All the news releases provided by Marketwired are copyrighted. Any forms of copying other than an individual user's personal reference without express written permission is prohibited. Further distribution of these materials is strictly forbidden, including but not limited to, posting, emailing, faxing, archiving in a public database, redistributing via a computer network or in a printed form.

Latest Stories
SYS-CON Events announced today that FierceDevOps will exhibit at SYS-CON's 16th International Cloud Expo®, which will take place on June 9-11, 2015, at the Javits Center in New York City, NY. FierceDevOps keeps software developers and IT operations personnel updated on the latest news and trends around the rapidly evolving role of the traditional IT worker.
GENBAND has announced that SageNet is leveraging the Nuvia platform to deliver Unified Communications as a Service (UCaaS) to its large base of retail and enterprise customers. Nuvia’s cloud-based solution provides SageNet’s customers with a full suite of business communications and collaboration tools. Two large national SageNet retail customers have recently signed up to deploy the Nuvia platform and the company will continue to sell the service to new and existing customers. Nuvia’s capabili...
WHOA.com has announced the newest addition to its data center footprint with the expansion into Equinix's newest state-of-the-art facility: DC-11 Washington, DC IBX+. Located in Ashburn, VA, this data center expands Whoa.com's presence to meet rapidly expanding customer demand for secure cloud solutions. Equinix, Inc. operates International Business Exchange™ (IBX®) data centers in 32 markets across 15 countries in the Americas, EMEA, and Asia-Pacific. Equinix is committed to operating faciliti...
SYS-CON Events announced today that the DevOps Institute has been named “Association Sponsor” of SYS-CON's DevOps Summit, which will take place on June 9–11, 2015, at the Javits Center in New York City, NY. The DevOps Institute provides enterprise level training and certification. Working with thought leaders from the DevOps community, the IT Service Management field and the IT training market, the DevOps Institute is setting the standard in quality for DevOps education and training.
SYS-CON Media announced today that @WebRTCSummit Blog, the largest WebRTC resource in the world, has been launched. @WebRTCSummit Blog offers top articles, news stories, and blog posts from the world's well-known experts and guarantees better exposure for its authors than any other publication. @WebRTCSummit Blog can be bookmarked ▸ Here @WebRTCSummit conference site can be bookmarked ▸ Here
WSM International is launching a DevOps services division that offers assessment, consulting and implementation to large enterprises and organizations with complex infrastructures. This is the first independent services company to create a dedicated practice to help organizations looking to transition to the DevOps model. The concept of DevOps is to blend information technology (IT) software development with operations to optimize the computing infrastructure according to the specific needs of ...
SYS-CON Events announced today that Cisco, the worldwide leader in IT that transforms how people connect, communicate and collaborate, has been named “Gold Sponsor” of SYS-CON's 16th International Cloud Expo®, which will take place on June 9-11, 2015, at the Javits Center in New York City, NY. Cisco makes amazing things happen by connecting the unconnected. Cisco has shaped the future of the Internet by becoming the worldwide leader in transforming how people connect, communicate and collaborat...
Temasys has announced senior management additions to its team. Joining are David Holloway as Vice President of Commercial and Nadine Yap as Vice President of Product. Over the past 12 months Temasys has doubled in size as it adds new customers and expands the development of its Skylink platform. Skylink leads the charge to move WebRTC, traditionally seen as a desktop, browser based technology, to become a ubiquitous web communications technology on web and mobile, as well as Internet of Things...
SYS-CON Events announced today that robomq.io will exhibit at SYS-CON's @ThingsExpo, which will take place on June 9-11, 2015, at the Javits Center in New York City, NY. robomq.io is an interoperable and composable platform that connects any device to any application. It helps systems integrators and the solution providers build new and innovative products and service for industries requiring monitoring or intelligence from devices and sensors.
The WebRTC Summit 2014 New York, to be held June 9-11, 2015, at the Javits Center in New York, NY, announces that its Call for Papers is open. Topics include all aspects of improving IT delivery by eliminating waste through automated business models leveraging cloud technologies. WebRTC Summit is co-located with 16th International Cloud Expo, @ThingsExpo, Big Data Expo, and DevOps Summit.
Hosted PaaS providers have given independent developers and startups huge advantages in efficiency and reduced time-to-market over their more process-bound counterparts in enterprises. Software frameworks are now available that allow enterprise IT departments to provide these same advantages for developers in their own organization. In his workshop session at DevOps Summit, Troy Topnik, ActiveState’s Technical Product Manager, will show how on-prem or cloud-hosted Private PaaS can enable organ...
DevOps tasked with driving success in the cloud need a solution to efficiently leverage multiple clouds while avoiding cloud lock-in. Flexiant today announces the commercial availability of Flexiant Concerto. With Flexiant Concerto, DevOps have cloud freedom to automate the build, deployment and operations of applications consistently across multiple clouds. Concerto is available through four disruptive pricing models aimed to deliver multi-cloud at a price point everyone can afford.
Today, IT is not just a cost center. IT is an enabler and driver of business. With the emergence of the hybrid cloud paradigm, IT now has increasingly more capabilities to create new strategic opportunities for a business. Hybrid cloud allows an organization to utilize multi-tenant public clouds, dedicated private clouds, bare metal hosting, and the associated support and services for the right use cases through an on-demand, XaaS model. This model of IT creates tremendous opportunities for busi...
Docker is an excellent platform for organizations interested in running microservices. It offers portability and consistency between development and production environments, quick provisioning times, and a simple way to isolate services. In his session at DevOps Summit at 16th Cloud Expo, Shannon Williams, co-founder of Rancher Labs, will walk through these and other benefits of using Docker to run microservices, and provide an overview of RancherOS, a minimalist distribution of Linux designed...
Business as usual for IT is evolving into a “Make or Buy” decision on a service-by-service conversation with input from the LOBs. How does your organization move forward with cloud? In his general session at 16th Cloud Expo, Paul Maravei, Regional Sales Manager, Hybrid Cloud and Managed Services at Cisco, discusses how Cisco and its partners offer a market-leading portfolio and ecosystem of cloud infrastructure and application services that allow you to uniquely and securely combine cloud busi...