I was doing a product demo the other day for a prospective partner when he asked, "You can actually pick up the credit card number in transactions?"

"Yes," I replied.

"That's great!" he said and we continued with the demo.

We can pick up credit card numbers because we decode application-level messages originating from ATM, POS, online banking, and mobile banking applications using flexible tables that actually pick apart the messages and return individual fields.

Each field is mapped to a data dictionary (e.g., data element 2 in the message is the credit card number) so that it can be used to trigger alerts or execute searches.

Our responsibility doesn't end here. Once the fields are tagged, we apply a security classification. Fields are marked as one of the following:

  1. Forbidden. This information should never be stored or displayed (e.g., track 2 information on a credit card).
  2. Sensitive. This information must be treated in some way before it's stored or displayed (e.g., blank certain digits or replace them with asterisks).
  3. Normal. This information is suitable for display.

Forbidden information is dropped (in memory and never swapped to disk); sensitive information is treated (using non-reversible methods). Along the way, everything is encrypted. All data passing on the wire between the data collectors, the server and the data storage is always SSL encrypted.

We took another step beyond the wire, as well, implementing a FIPS compliant integration with Thales security hardware. This allows us to tie in seamlessly with even the tightest security architectures out there to make sure forbidden and sensitive information is protected in every way possible. Users are not doing any of the encryption in their programming code, and there is no opportunity to compromise their software system.

So yes, we can actually pick up the credit card number in transactions. And yes, it's a great feature. But with great features comes great responsibility. Make hardware encryption a mandatory check box when it comes to investing in your transaction-based monitoring tools.

Related Content

User Comments – Give us your opinion!
  • Tayyab Ali
    21262761
    When it comes to securing your peace of mind, SAFE security, has it covered. We can deliver quality security guards solutions and services with a personal touch and the most professional standards. We provide the best of both worlds. That’s because we deliver personal attention along with the backing of Australia’s largest privately-owned security company.

    View Source: http://www.securityaustraliafirstever.com.au
Sponsored by:

Features

Sponsored by:

News

Blogs

User Comments

Products & Services

NCR ATM Security Solutions

http://global.networldalliance.com/new/images/products/NCR_logo_Pantone_100.gif

830/NCR-ATM-Security-Solutions

DieboldDirect

http://global.networldalliance.com/new/images/products/3749.png

3749/DieboldDirect

Retail/off-premise ATM G2500

http://global.networldalliance.com/new/images/products/4596.png

4596/Retail-off-premise-ATM-G2500

ATM Sales and Service

http://global.networldalliance.com/new/images/products/781.png

781/ATM-Sales-and-Service

ATM Canopies & Buildings

http://global.networldalliance.com/new/images/products/1079.png

1079/ATM-Canopies-Buildings

Remanufactured Hardware

http://global.networldalliance.com/new/images/products/940.png

940/Remanufactured-Hardware

Terminals

http://global.networldalliance.com/new/images/products/5789.png

5789/Terminals

Foreign Currency Exchange ATM - H38NL XDM

http://global.networldalliance.com/new/images/products/4332.png

4332/Foreign-Currency-Exchange-ATM-H38NL-XDM

Retail ATM - Bar, Lobby, Convenient Store

http://global.networldalliance.com/new/images/products/Triton_RL5000_sm.gif

535/Retail-ATM-Bar-Lobby-Convenient-Store

EMV Kernel Certification for Self-Service Applications

http://global.networldalliance.com/new/images/products/LogoKERNEL.gif

690/EMV-Kernel-Certification-for-Self-Service-Applications

Unlocking Transaction Complexity

Latest posts by Marc Borbas
Marc Borbas
Marc is vice president of marketing at INETCO Systems Limited, a leading expert in business transaction management software for the financial services and payments industry.
Related Content
ATM & Mobile Executive Summit
Request Information From Suppliers
Save time looking for suppliers. Complete this form to submit a Request for Information to our entire network of partners.