Welcome!

News Feed Item

Payment Processors and Device Manufacturers Embrace Voltage Security(TM) Point-to-Point Encryption

Voltage SecureData Payments(TM) Empowers Merchants With the Highest Level of Security to Mitigate the Risk of Cardholder Data Breaches

CUPERTINO, CA -- (Marketwired) -- 05/07/14 -- Expanding its leadership in the retail payments industry, Voltage Security today announced that Uniform Industrial Corporation (UIC) now supports Voltage Format-Preserving Encryption™ (FPE), a powerful component of Voltage SecureData Payments™ with Voltage Identity-Based Encryption™ (IBE), providing merchants with P2PE (point-to-point encryption), otherwise known as end-to-end encryption, from a payment reading device to a trusted processing host.

This expands a previous partnership with Heartland Payment Systems in which UIC and Voltage provided end-to-end encryption for Heartland's E3™ security solutions, delivering reliable, secure terminal-based communications with billions of transactions on hundreds of thousands of merchant locations across global deployments.

"We see the headlines every day -- retailers are increasingly faced with tremendous pressure and risk when it comes to payment processing and it cuts to the core of their business by impacting customer trust. Malware in the retail IT systems, especially the traditional POS, has resulted in major costly breaches world-wide. We take our role as a technology partner very seriously and we are dedicated to developing solutions that provide the highest level of protection against data loss or breach, as well as enabling PCI compliance cost scope reduction, all at significantly lower implementation and management costs," explained Mark Bower, vice president of product management, Voltage Security.

UIC is now offering Voltage SecureData Payments with Voltage Format-Preserving Encryption to users of its devices of the MSR215E and MSR215T secure MSR readers, and PP790SE and PP795SE All-in-one PIN Pads, as well as the TS890 and TS900 payment terminals.

"We are excited to offer this cutting edge technology and to deliver secure and robust payment devices. By introducing Voltage enabled card readers and PIN pads, not only does it simplify the complex payment security key management, it also establishes the highest level of security to protect payment operators and card holders from fraudulence," said Albert Li, vice president, sales/business development, UIC.

From authorization and settlement, through business processes such as charge-backs, loyalty or repeat payments, merchants and processors must be able to reliably protect credit card data at rest and in transit, and, at the same time, reduce PCI scope as much as possible, without impacting business workflows or customer facing business processes.

"Our partnership with UIC is another example of how widely available Voltage end-to-end encryption is across the payments industry. Businesses have the option to implement Voltage SecureData Payments on a wide variety of payments devices and perform decryption within their own data environments or with a Voltage platform partner, and Voltage works with six of the top eight U.S. payment processors," said Bower.

By strongly encrypting cardholder data at the read head, using tamper-resistant and tamper-evident payment devices, any malware installed on the intermediate POS systems would only have access to the ciphertext, while the keys necessary to decrypt it stay safely inside the most secure PCI environments at the decryption endpoint. The cipher text, using Voltage Format-Preserving Encryption (FPE), can be used by those POS systems, just as the original plaintext was; but, it is useless to any attackers.

Voltage SecureData Payments Dramatically Lowers Management and Compliance Costs

Voltage SecureData Payments is a complete payment transaction protection framework, built on breakthrough technologies encompassing encryption and key management: Voltage Format-Preserving Encryption (FPE) and Voltage Identity-Based Encryption (IBE). These technologies provide a unique architecture that addresses the complexity of retail environments with high transaction volume.

With Voltage FPE, credit card numbers and other types of structured information are protected without the need to change the data format or structure. In addition, data properties are maintained, such as a checksum, and portions of the data can remain in the clear. This aids in preserving existing processes such as BIN routing or use of the last 4 digits of the card in customer service scenarios.

Voltage IBE is a breakthrough in key management that eliminates the complexity of traditional Public Key Infrastructure (PKI) systems and symmetric key systems. In other words, no digital certificates or keys are required to be injected or synchronized. IBE also enables end-to-end encryption from swipe-to-processor and swipe-to-trusted-merchant applications.

Voltage Secure Stateless Tokenization™ (SST), adopted by major global retailers, is an advanced, patent-pending data security technology that provides enterprises, merchants and payment processors with a new approach to help assure protection for payment card data, with significant Payment Card Industry Data Security Standard (PCI DSS) audit scope reduction. Voltage SST technology dramatically improves speed, scalability, security and manageability over conventional and first-generation tokenization solutions.

Voltage SecureData Payments delivers:

  • Reduced PCI audit cost and scope -- End-to-end encryption can be combined easily with tokenization to provide merchants with complete choice in reducing PCI audit scope.
  • Reduced risk of data loss or breach -- Cardholder data is protected or tokenized when it is stored, transmitted, or used. When deployed with sound internal controls, Voltage SecureData Payments renders sensitive information useless to unauthorized users, mitigating risk of data breaches at any point in the payment stream.
  • Significantly lower implementation and management costs -- Keys are securely generated on demand and not stored; point-of-sale (POS) terminal devices are not subject to key injection; and key rotation is automated and transparent, thus eliminating labor-intensive processes and reducing costs.

Voltage SecureData Payments Terminal SDK can be implemented on most payment devices (both traditional and mobile) and payment processing systems. Voltage is already integrated into leading payment card reading devices and pin-pads, offering merchants the flexibility to support the hardware of their choice. The complementary SecureData Payments Host SDK, which performs the decryption of the cardholder data when teamed with Voltage SecureData Appliances and Thales HSMs, supports a wide variety of platforms, including Windows, Linux, HP NonStop, Stratus VOS, and IBM z/OS.

For more information, visit https://www.voltage.com/products/securedata-payments/

For a complete list of payment terminal partners, visit https://www.voltage.com/partners/payment-partners/.

About UIC
Uniform Industrial Corporation positions itself as a professional DMS manufacturer in the payment industry. Since its inception in 1983, UIC has been a leading national provider of award-winning components and systems for banking, and retail solutions. The company's simple-to-use products combine affordability, reliability, and performance to enable the most high-value and secure transactions. UIC's innovative products have allowed fast, affordable and reliable payment products driven by unique technological developments in the payments industry. The company has branches in Fremont, USA and Frankfurt, Germany to support the American and European markets. UIC seeks to offer its partners cutting-edge solutions and outstanding customer service that exceed expectations.

About Voltage Security
Voltage Security®, Inc. is the world leader in data-centric encryption and tokenization. Voltage provides trusted data security that scales to deliver cost-effective PCI compliance, scope reduction and secure analytics. Voltage solutions are used by leading enterprises worldwide, reducing risk and protecting brand while enabling business. For more information see www.voltage.com.

Notes: All Voltage trademarks are property of Voltage Security, Inc. All other trademarks are property of their respective owners.

More Stories By Marketwired .

Copyright © 2009 Marketwired. All rights reserved. All the news releases provided by Marketwired are copyrighted. Any forms of copying other than an individual user's personal reference without express written permission is prohibited. Further distribution of these materials is strictly forbidden, including but not limited to, posting, emailing, faxing, archiving in a public database, redistributing via a computer network or in a printed form.

Latest Stories
With the proliferation of both SQL and NoSQL databases, organizations can now target specific fit-for-purpose database tools for their different application needs regarding scalability, ease of use, ACID support, etc. Platform as a Service offerings make this even easier now, enabling developers to roll out their own database infrastructure in minutes with minimal management overhead. However, this same amount of flexibility also comes with the challenges of picking the right tool, on the right ...
SYS-CON Events announced today that Catchpoint Systems, Inc., a provider of innovative web and infrastructure monitoring solutions, has been named “Silver Sponsor” of SYS-CON's DevOps Summit at 18th Cloud Expo New York, which will take place June 7-9, 2016, at the Javits Center in New York City, NY. Catchpoint is a leading Digital Performance Analytics company that provides unparalleled insight into customer-critical services to help consistently deliver an amazing customer experience. Designed...
DevOps is not just last year’s buzzword. Companies with DevOps practices are 2.5x more likely to exceed profitability, market share, and productivity goals. But how do you enable high performance? What can you do right now to start? Find out from DevOps experts including Gene Kim, co-author of "The Phoenix Project," and the Dynatrace Center of Excellence.
SYS-CON Events announced today that Alert Logic, Inc., the leading provider of Security-as-a-Service solutions for the cloud, will exhibit at SYS-CON's 18th International Cloud Expo®, which will take place on June 7-9, 2016, at the Javits Center in New York City, NY. Alert Logic, Inc., provides Security-as-a-Service for on-premises, cloud, and hybrid infrastructures, delivering deep security insight and continuous protection for customers at a lower cost than traditional security solutions. Ful...
SYS-CON Events announced today that Interoute, owner-operator of one of Europe's largest networks and a global cloud services platform, has been named “Bronze Sponsor” of SYS-CON's 18th Cloud Expo, which will take place on June 7-9, 2015 at the Javits Center in New York, New York. Interoute is the owner-operator of one of Europe's largest networks and a global cloud services platform which encompasses 12 data centers, 14 virtual data centers and 31 colocation centers, with connections to 195 ad...
Recognizing the need to identify and validate information security professionals’ competency in securing cloud services, the two leading membership organizations focused on cloud and information security, the Cloud Security Alliance (CSA) and (ISC)^2, joined together to develop an international cloud security credential that reflects the most current and comprehensive best practices for securing and optimizing cloud computing environments.
Companies can harness IoT and predictive analytics to sustain business continuity; predict and manage site performance during emergencies; minimize expensive reactive maintenance; and forecast equipment and maintenance budgets and expenditures. Providing cost-effective, uninterrupted service is challenging, particularly for organizations with geographically dispersed operations.
Sensors and effectors of IoT are solving problems in new ways, but small businesses have been slow to join the quantified world. They’ll need information from IoT using applications as varied as the businesses themselves. In his session at @ThingsExpo, Roger Meike, Distinguished Engineer, Director of Technology Innovation at Intuit, showed how IoT manufacturers can use open standards, public APIs and custom apps to enable the Quantified Small Business. He used a Raspberry Pi to connect sensors...
SYS-CON Events announced today that Avere Systems, a leading provider of enterprise storage for the hybrid cloud, will exhibit at SYS-CON's 18th International Cloud Expo®, which will take place on June 7-9, 2016, at the Javits Center in New York City, NY. Avere delivers a more modern architectural approach to storage that doesn’t require the overprovisioning of storage capacity to achieve performance, overspending on expensive storage media for inactive data or the overbuilding of data centers ...
SYS-CON Events announced today that Commvault, a global leader in enterprise data protection and information management, has been named “Bronze Sponsor” of SYS-CON's 18th International Cloud Expo, which will take place on June 7–9, 2016, at the Javits Center in New York City, NY, and the 19th International Cloud Expo, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. Commvault is a leading provider of data protection and information management...
SYS-CON Events announced today that VAI, a leading ERP software provider, will exhibit at SYS-CON's 18th International Cloud Expo®, which will take place on June 7-9, 2016, at the Javits Center in New York City, NY. VAI (Vormittag Associates, Inc.) is a leading independent mid-market ERP software developer renowned for its flexible solutions and ability to automate critical business functions for the distribution, manufacturing, specialty retail and service sectors. An IBM Premier Business Part...
In most cases, it is convenient to have some human interaction with a web (micro-)service, no matter how small it is. A traditional approach would be to create an HTTP interface, where user requests will be dispatched and HTML/CSS pages must be served. This approach is indeed very traditional for a web site, but not really convenient for a web service, which is not intended to be good looking, 24x7 up and running and UX-optimized. Instead, talking to a web service in a chat-bot mode would be muc...
It's easy to assume that your app will run on a fast and reliable network. The reality for your app's users, though, is often a slow, unreliable network with spotty coverage. What happens when the network doesn't work, or when the device is in airplane mode? You get unhappy, frustrated users. An offline-first app is an app that works, without error, when there is no network connection.
With an estimated 50 billion devices connected to the Internet by 2020, several industries will begin to expand their capabilities for retaining end point data at the edge to better utilize the range of data types and sheer volume of M2M data generated by the Internet of Things. In his session at @ThingsExpo, Don DeLoach, CEO and President of Infobright, will discuss the infrastructures businesses will need to implement to handle this explosion of data by providing specific use cases for filte...
Cognitive Computing is becoming the foundation for a new generation of solutions that have the potential to transform business. Unlike traditional approaches to building solutions, a cognitive computing approach allows the data to help determine the way applications are designed. This contrasts with conventional software development that begins with defining logic based on the current way a business operates. In her session at 18th Cloud Expo, Judith S. Hurwitz, President and CEO of Hurwitz & ...