End-to-End Encryption (E2EE)

End-to-End Encryption ensures the security of sensitive cardholder information from the moment the card is swiped, all the way to when it is processed by a payment gateway and passed on to the bank for authorisation.

Background
Protection of cardholder data is of paramount importance to anyone processing credit and debit card transactions. With increasing card data theft, where sensitive information is compromised by computer hackers while in transit, card accepting merchants across various sectors have to ensure to comply with the Payment Card Industry Data Security Standard (PCI DSS) which can be very time consuming and costly.

Solution
CreditCall's pioneering End-to-End Encryption technology CardEase Ultra ensures that at the point of card acceptance, i.e. within the magnetic-stripe card reader itself, the card data is securely encrypted. It can then be passed freely over standard public networks to the payment gateway or processor. Once within the secure data zone of CreditCall’s PCI DSS certified payment gateway, it is de-crypted and passed to the bank processor for authorisation.

The solution will initially only be available for mag-stripe transaction in the USA but a Chip and PIN version will be launched later this year.
 

How will you benefit from End to End Encryption?

Increased card holder data protection Encryption of every transaction at the source Cost savings through taking large parts of the payment system out of scope of PCI DSS Simplified payment processing architecture Easy integration with other software solutions through the use of an SDK

 

 

 

 

 

 

Implementation
CreditCall has collaborated with world-respected card reader manufacturer Magtek, making their card readers the first that will support CardEase Ultra. Magtek readers are already widely used within unattended payment terminals, and with a range of flexible mounting options can be retrofitted easily to replace other readers.

The CardEase Ultra software is available to terminal manufacturers as an SDK (Software Development Kit) to integrate with the host controller and provide a bank-approved communications protocol to send and receive authorisation requests via the CreditCall global transaction processing network.

EncryptionTechnology
The technology developed by CreditCall uses a banking industry standard encryption algorithm known as DUKPT (Derived Unique Key Per Transaction) whereby a derived key is injected into each card reader at manufacture, supplied by a HSM (Hardware Security Module) sited within CreditCall’s secure environment. This derived key is used to encrypt every transaction at source and it remains securely encrypted until it is received at the payment gateway for authorisation by the bank processor.

 

Contact Us

Want to find out more about End-to-End Encryption? Get in touch by giving us a ring on  +1 800 868 1832 from the US or +44 117 930 44 55. Alternatively you can fill in the below contact form and we will get back to you within 24h. Please be aware that the solution will initially only be available in the USA but a Chip and PIN version will be launched later this year. Name:* Email:* Telephone: Where did you hear about us?:* Enquiry:* Enter not this field:   *Indicates a field you must enter.

© 2012 CreditCall All Rights Reserved

Contact Us  l  Site Map  l  Legal Notices  l  Terms of Use  l  Your Privacy Rights  l  Site by Contrast

Featured Case Studies

CreditCall integrated with the SKIDATA paystations ...

Verrus integrated CreditCall’s CardEaseXML transaction ...

CreditCall’s new cash free parking paystations allow ...