|By Marketwired .||
|May 7, 2014 06:00 AM EDT||
CUPERTINO, CA -- (Marketwired) -- 05/07/14 -- Expanding its leadership in the retail payments industry, Voltage Security today announced that Uniform Industrial Corporation (UIC) now supports Voltage Format-Preserving Encryption (FPE), a powerful component of Voltage SecureData Payments with Voltage Identity-Based Encryption (IBE), providing merchants with P2PE (point-to-point encryption), otherwise known as end-to-end encryption, from a payment reading device to a trusted processing host.
This expands a previous partnership with Heartland Payment Systems in which UIC and Voltage provided end-to-end encryption for Heartland's E3 security solutions, delivering reliable, secure terminal-based communications with billions of transactions on hundreds of thousands of merchant locations across global deployments.
"We see the headlines every day -- retailers are increasingly faced with tremendous pressure and risk when it comes to payment processing and it cuts to the core of their business by impacting customer trust. Malware in the retail IT systems, especially the traditional POS, has resulted in major costly breaches world-wide. We take our role as a technology partner very seriously and we are dedicated to developing solutions that provide the highest level of protection against data loss or breach, as well as enabling PCI compliance cost scope reduction, all at significantly lower implementation and management costs," explained Mark Bower, vice president of product management, Voltage Security.
UIC is now offering Voltage SecureData Payments with Voltage Format-Preserving Encryption to users of its devices of the MSR215E and MSR215T secure MSR readers, and PP790SE and PP795SE All-in-one PIN Pads, as well as the TS890 and TS900 payment terminals.
"We are excited to offer this cutting edge technology and to deliver secure and robust payment devices. By introducing Voltage enabled card readers and PIN pads, not only does it simplify the complex payment security key management, it also establishes the highest level of security to protect payment operators and card holders from fraudulence," said Albert Li, vice president, sales/business development, UIC.
From authorization and settlement, through business processes such as charge-backs, loyalty or repeat payments, merchants and processors must be able to reliably protect credit card data at rest and in transit, and, at the same time, reduce PCI scope as much as possible, without impacting business workflows or customer facing business processes.
"Our partnership with UIC is another example of how widely available Voltage end-to-end encryption is across the payments industry. Businesses have the option to implement Voltage SecureData Payments on a wide variety of payments devices and perform decryption within their own data environments or with a Voltage platform partner, and Voltage works with six of the top eight U.S. payment processors," said Bower.
By strongly encrypting cardholder data at the read head, using tamper-resistant and tamper-evident payment devices, any malware installed on the intermediate POS systems would only have access to the ciphertext, while the keys necessary to decrypt it stay safely inside the most secure PCI environments at the decryption endpoint. The cipher text, using Voltage Format-Preserving Encryption (FPE), can be used by those POS systems, just as the original plaintext was; but, it is useless to any attackers.
Voltage SecureData Payments Dramatically Lowers Management and Compliance Costs
Voltage SecureData Payments is a complete payment transaction protection framework, built on breakthrough technologies encompassing encryption and key management: Voltage Format-Preserving Encryption (FPE) and Voltage Identity-Based Encryption (IBE). These technologies provide a unique architecture that addresses the complexity of retail environments with high transaction volume.
With Voltage FPE, credit card numbers and other types of structured information are protected without the need to change the data format or structure. In addition, data properties are maintained, such as a checksum, and portions of the data can remain in the clear. This aids in preserving existing processes such as BIN routing or use of the last 4 digits of the card in customer service scenarios.
Voltage IBE is a breakthrough in key management that eliminates the complexity of traditional Public Key Infrastructure (PKI) systems and symmetric key systems. In other words, no digital certificates or keys are required to be injected or synchronized. IBE also enables end-to-end encryption from swipe-to-processor and swipe-to-trusted-merchant applications.
Voltage Secure Stateless Tokenization (SST), adopted by major global retailers, is an advanced, patent-pending data security technology that provides enterprises, merchants and payment processors with a new approach to help assure protection for payment card data, with significant Payment Card Industry Data Security Standard (PCI DSS) audit scope reduction. Voltage SST technology dramatically improves speed, scalability, security and manageability over conventional and first-generation tokenization solutions.
Voltage SecureData Payments delivers:
- Reduced PCI audit cost and scope -- End-to-end encryption can be combined easily with tokenization to provide merchants with complete choice in reducing PCI audit scope.
- Reduced risk of data loss or breach -- Cardholder data is protected or tokenized when it is stored, transmitted, or used. When deployed with sound internal controls, Voltage SecureData Payments renders sensitive information useless to unauthorized users, mitigating risk of data breaches at any point in the payment stream.
- Significantly lower implementation and management costs -- Keys are securely generated on demand and not stored; point-of-sale (POS) terminal devices are not subject to key injection; and key rotation is automated and transparent, thus eliminating labor-intensive processes and reducing costs.
Voltage SecureData Payments Terminal SDK can be implemented on most payment devices (both traditional and mobile) and payment processing systems. Voltage is already integrated into leading payment card reading devices and pin-pads, offering merchants the flexibility to support the hardware of their choice. The complementary SecureData Payments Host SDK, which performs the decryption of the cardholder data when teamed with Voltage SecureData Appliances and Thales HSMs, supports a wide variety of platforms, including Windows, Linux, HP NonStop, Stratus VOS, and IBM z/OS.
For more information, visit https://www.voltage.com/products/securedata-payments/
For a complete list of payment terminal partners, visit https://www.voltage.com/partners/payment-partners/.
Uniform Industrial Corporation positions itself as a professional DMS manufacturer in the payment industry. Since its inception in 1983, UIC has been a leading national provider of award-winning components and systems for banking, and retail solutions. The company's simple-to-use products combine affordability, reliability, and performance to enable the most high-value and secure transactions. UIC's innovative products have allowed fast, affordable and reliable payment products driven by unique technological developments in the payments industry. The company has branches in Fremont, USA and Frankfurt, Germany to support the American and European markets. UIC seeks to offer its partners cutting-edge solutions and outstanding customer service that exceed expectations.
About Voltage Security
Voltage Security®, Inc. is the world leader in data-centric encryption and tokenization. Voltage provides trusted data security that scales to deliver cost-effective PCI compliance, scope reduction and secure analytics. Voltage solutions are used by leading enterprises worldwide, reducing risk and protecting brand while enabling business. For more information see www.voltage.com.
Notes: All Voltage trademarks are property of Voltage Security, Inc. All other trademarks are property of their respective owners.
In a recent research, analyst firm IDC found that the average cost of a critical application failure is $500,000 to $1 million per hour and the average total cost of unplanned application downtime is $1.25 billion to $2.5 billion per year for Fortune 1000 companies. In addition to the findings on the cost of the downtime, the research also highlighted best practices for development, testing, application support, infrastructure, and operations teams.
Jul. 29, 2015 05:30 PM EDT
"We specialize in testing. DevOps is all about continuous delivery and accelerating the delivery pipeline and there is no continuous delivery without testing," noted Marc Hornbeek, Sr. Solutions Architect at Spirent Communications, in this SYS-CON.tv interview at @DevOpsSummit, held June 9-11, 2015, at the Javits Center in New York City.
Jul. 29, 2015 05:15 PM EDT Reads: 359
How do you securely enable access to your applications in AWS without exposing any attack surfaces? The answer is usually very complicated because application environments morph over time in response to growing requirements from your employee base, your partners and your customers. In his session at @DevOpsSummit, Haseeb Budhani, CEO and Co-founder of Soha, shared five common approaches that DevOps teams follow to secure access to applications deployed in AWS, Azure, etc., and the friction an...
Jul. 29, 2015 04:30 PM EDT Reads: 497
"Alert Logic is a managed security service provider that basically deploys technologies, but we support those technologies with the people and process behind it," stated Stephen Coty, Chief Security Evangelist at Alert Logic, in this SYS-CON.tv interview at 16th Cloud Expo, held June 9-11, 2015, at the Javits Center in New York City.
Jul. 29, 2015 04:15 PM EDT Reads: 321
Digital Transformation is the ultimate goal of cloud computing and related initiatives. The phrase is certainly not a precise one, and as subject to hand-waving and distortion as any high-falutin' terminology in the world of information technology. Yet it is an excellent choice of words to describe what enterprise IT—and by extension, organizations in general—should be working to achieve. Digital Transformation means: handling all the data types being found and created in the organizat...
Jul. 29, 2015 04:00 PM EDT Reads: 1,065
The essence of cloud computing is that all consumable IT resources are delivered as services. In his session at 15th Cloud Expo, Yung Chou, Technology Evangelist at Microsoft, demonstrated the concepts and implementations of two important cloud computing deliveries: Infrastructure as a Service (IaaS) and Platform as a Service (PaaS). He discussed from business and technical viewpoints what exactly they are, why we care, how they are different and in what ways, and the strategies for IT to tran...
Jul. 29, 2015 03:15 PM EDT Reads: 368
The Internet of Everything (IoE) brings together people, process, data and things to make networked connections more relevant and valuable than ever before – transforming information into knowledge and knowledge into wisdom. IoE creates new capabilities, richer experiences, and unprecedented opportunities to improve business and government operations, decision making and mission support capabilities.
Jul. 29, 2015 03:15 PM EDT Reads: 236
The Software Defined Data Center (SDDC), which enables organizations to seamlessly run in a hybrid cloud model (public + private cloud), is here to stay. IDC estimates that the software-defined networking market will be valued at $3.7 billion by 2016. Security is a key component and benefit of the SDDC, and offers an opportunity to build security 'from the ground up' and weave it into the environment from day one. In his session at 16th Cloud Expo, Reuven Harrison, CTO and Co-Founder of Tufin,...
Jul. 29, 2015 03:00 PM EDT Reads: 466
The Internet of Things is not only adding billions of sensors and billions of terabytes to the Internet. It is also forcing a fundamental change in the way we envision Information Technology. For the first time, more data is being created by devices at the edge of the Internet rather than from centralized systems. What does this mean for today's IT professional? In this Power Panel at @ThingsExpo, moderated by Conference Chair Roger Strukhoff, panelists addressed this very serious issue of pro...
Jul. 29, 2015 03:00 PM EDT Reads: 1,254
Container technology is sending shock waves through the world of cloud computing. Heralded as the 'next big thing,' containers provide software owners a consistent way to package their software and dependencies while infrastructure operators benefit from a standard way to deploy and run them. Containers present new challenges for tracking usage due to their dynamic nature. They can also be deployed to bare metal, virtual machines and various cloud platforms. How do software owners track the usag...
Jul. 29, 2015 02:30 PM EDT
With SaaS use rampant across organizations, how can IT departments track company data and maintain security? More and more departments are commissioning their own solutions and bypassing IT. A cloud environment is amorphous and powerful, allowing you to set up solutions for all of your user needs: document sharing and collaboration, mobile access, e-mail, even industry-specific applications. In his session at 16th Cloud Expo, Shawn Mills, President and a founder of Green House Data, discussed h...
Jul. 29, 2015 02:30 PM EDT Reads: 321
Discussions about cloud computing are evolving into discussions about enterprise IT in general. As enterprises increasingly migrate toward their own unique clouds, new issues such as the use of containers and microservices emerge to keep things interesting. In this Power Panel at 16th Cloud Expo, moderated by Conference Chair Roger Strukhoff, panelists addressed the state of cloud computing today, and what enterprise IT professionals need to know about how the latest topics and trends affect t...
Jul. 29, 2015 02:00 PM EDT Reads: 1,167
"Our biggest growth area has been the security services, the managed services - the things that differentiate us in the market that there is no client that's too small and there's no client that's too big," explained Paul Mazzucco, Chief Security Officer at TierPoint, in this SYS-CON.tv interview at 16th Cloud Expo, held June 9-11, 2015, at the Javits Center in New York City.
Jul. 29, 2015 02:00 PM EDT Reads: 372
SYS-CON Events announced today that HPM Networks will exhibit at the 17th International Cloud Expo®, which will take place on November 3–5, 2015, at the Santa Clara Convention Center in Santa Clara, CA. For 20 years, HPM Networks has been integrating technology solutions that solve complex business challenges. HPM Networks has designed solutions for both SMB and enterprise customers throughout the San Francisco Bay Area.
Jul. 29, 2015 01:45 PM EDT Reads: 422
Containers are changing the security landscape for software development and deployment. As with any security solutions, security approaches that work for developers, operations personnel and security professionals is a requirement. In his session at DevOps Summit, Kevin Gilpin, CTO and Co-Founder of Conjur, will discuss various security considerations for container-based infrastructure and related DevOps workflows.
Jul. 29, 2015 01:00 PM EDT Reads: 1,059