Verifone Expands Availability of Secure Commerce Architecture
Verifone announced the global availability of its secure commerce architecture, designed to significantly reduce merchant exposure to large-scale data breaches, and reduce the certification burden on U.S. merchants, acquirers and other payment providers looking to enable EMV acceptance.
Verifone’s secure commerce architecture decouples payment data from the merchant’s point of sale (POS) system (e.g., cash register), and enables encrypted delivery of this data from the payment terminal directly to the merchant’s processor. This provides merchants with two primary benefits:
- EMV migration in the U.S. will lead to a costly and cumbersome certification process. Historical payment architecture requires certification of each combination of POS system, payment terminal, gateway and acquirer—a costly process for merchants in terms of time and resources. The Verifone secure commerce architecture removes the POS system from the scope of EMV certification, greatly reducing the burden for clients.
- Large-scale breaches of payment data are undermining retail brands and consumer confidence, and merchants’ POS systems are common targets for cybercriminals. The Verifone secure commerce architecture solves these issues by preventing consumer payment data from entering the POS, thereby eliminating the potential for this data to be stolen at scale. Instead, card data is encrypted and transmitted directly to the merchant’s payment processor.
Previously only available through the company’s U.S. Payment as a Service offering, this secure commerce architecture is now available to all of Verifone’s direct merchant customers and all merchant acquirers in the U.S. Merchants can utilize this architecture through integration with their merchant acquirer. Global availability will begin in 2015.
“Reducing or eliminating cardholder data breaches must be a priority for any merchant,” said Thad Peterson, senior analyst for Aite Group. “Verifone’s secure commerce architecture is an elegant solution that virtually eliminates that risk with no significant impact on either the merchant’s POS system or the customer experience. Beyond that, if a merchant has yet to adopt EMV, this architecture simplifies the process and speeds implementation by shouldering the administrative burden of EMV certification.”
For Large Merchants
For large global merchants, managing payment complexity requires a substantial investment of time and resources. PCI compliance, the U.S. migration to EMV, and the exposure of PC-based systems to large-scale data breaches are creating a growing burden on retailers’ IT departments. The secure commerce architecture eliminates much of this complexity, significantly reducing the risk of large scale payment data breaches and easing the EMV certification burden. This allows merchants to focus more resources on enriching the customer experience and to enable these innovations at the physical point of sale.
For Acquirers and ISVs
The desire from merchants to leverage the power of an integrated point of sale continues to move downstream to include mid-tier merchants. For Verifone clients – the acquirers and independent software vendors (ISVs) that serve these merchants – the resulting payment complexity results in slower implementation, and stands in the way of delivering innovative new products and services. The secure commerce architecture frees up acquirers and ISVs to focus on delivering great experiences for their merchants.
“The introduction of this secure commerce architecture through our U.S. Payment as a Service offering has led to substantial interest and demand from both our direct merchant clients, as well as acquirers and POS integrators,” said Robert McMillon, vice president of Product Security for Verifone. “These organizations are looking for a way to stop pouring resources into costly certifications, stop worrying about large-scale data breaches, and focus on delivering incredible consumer commerce experiences.”