Q
Problem solve Get help with specific problems with your technologies, process and projects.

High risk credit card processing

What is high risk credit card processing and also outsourced payment processing?
E-businesses must ensure business continuity because every minute or hour lost due to downtime means lost and potentially unrecoverable revenue. They must also ensure that the data provided by customers is secure from interception, modification, loss and repudiation.

Credit card processing is the act of taking a credit card number from a cardholder and authorizing it for payment....

A company can perform this function in-house or outsource it. The "high risk" part of it comes into play when the systems involved for processing the transaction are compromisable.

Most of the systems involved in credit card processing use a form of point-to-point encryption to make the contents of your credit card secure, however each individual system could be compromised, exposing any decrypted credit card data. And this is where the real risk comes into play. Each point in the link between card swipe to backend database has the potential to be compromised with a vulnerability and then allow an attacker to view the sensitive information.

The keys to strategic security for online payment card processing are:

- Securing end-to-end: Use secure socket layer (SSL) technology
- Securing every point along the stream, from the card swipe device to the backend database
- Educating IT/security managers on best practices and common security pitfalls
- Becoming strategic security by accurately scanning for critical network vulnerabilities on a daily basis, prioritizing the vulnerabilities in terms of risk to your e-business {i.e., anything that if exploited could compromise data or result in a Denial-of-Service (DoS) attack}, then implement the critical patches in a timely fashion, and ensure that the patches are complete -- before an exploit can occur.

This was last published in September 2003

Dig Deeper on Data management tutorials

PRO+

Content

Find more PRO+ content and other member only offers, here.

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

Start the conversation

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.

-ADS BY GOOGLE

SearchBusinessAnalytics

SearchAWS

SearchContentManagement

SearchOracle

SearchSAP

SearchSQLServer

Close