Secure Merchant Processing Services From iTransact
Accepting credit card, check, and EFT transactions from any website can be a risky and cumbersome process. iTransact combines PCI compliance, SSL certificates, military-grade data encryption, and proprietary technologies to enable merchants to accept payments easily and securely without the need to invest in costly security systems of their own.
What is PCI Compliance?
The Payment Card Industry Data Security Standard (PCI DSS) is a set of requirements designed to ensure that all companies that process, store or transmit credit card information maintain a secure environment. All businesses that store, process or transmit payment cardholder data must be PCI Compliant. iTransact’s merchant processing services are Level 1 PCI Compliant. That’s the best you can get.
What is SSL?
In simple terms, SSL enables your web browser to transmit secure information over the Internet. SSL provides encryption and integrity of communications along with strong authentication using digital certificates. SSL uses a private key to encrypt data being submitted from a browser before it is transferred over the Internet via the SSL connection. When the data reaches the SSL-enabled web server at iTransact, it is decrypted. If the data were to be stolen during this transmission, it would remain unreadable. Many web sites use SSL to obtain confidential user information, such as credit card numbers. Web pages that incorporate SSL have a web address starting with https:// instead of the usual http://.
SSL is Not Enough to Provide Secure Merchant Processing Services
One of the major misconceptions regarding Internet security is that information submitted to a server using SSL will always remain encrypted and secure. This is not true. A secure (SSL) server alone does nothing to protect the data after it is received by the server. SSL creates a secure path between the user’s browser and the SSL-enabled server. However, the information is only secure during the time that it is being transmitted from the browser to the server. Once the information reaches the server, the information is decrypted and SSL has no effect. If there is no further encryption taking place once the information reaches the server, the security of the information is compromised.
iTransact Security – Beyond SSL
iTransact takes advantage of advanced security and encryption features to ensure the security and safety of customer data. After customer data (credit card number or checking account number) arrives at iTransact’s server via SSL, it is re-encrypted, which makes the information unreadable. This information is then pushed to an offline server (not accessible via the Internet) where the information is safely decrypted and the transaction is completed. Credit card and checking account data is never stored or transmitted in plain-text (readable) format.
Since most merchants accepting online payments do not have access to a secure server, and even fewer utilize advanced encryption technologies, iTransact fills the need to simplify online commerce. A merchant wishing to accept credit card and/or check payments online simply creates an HTML order form using the templates supplied by iTransact. Each merchant is given a unique Merchant ID that is included in the HTML source of the order form. There is no need for the merchant to have a secure server. A customer wishing to make a purchase from the merchant simply completes the merchant’s online order form. The customer can then be directed to iTransact’s secure server to enter their account information.
If you are currently processing cards, take advantage of iTransact’s Sure Save Analysis, our free, no-obligation rate review. We can save most merchants 10-25%. We provide merchant accounts directly to merchants and we also partner with various credit unions, banks, network marketing companies, and trade associations to provide merchant services to their clients. Please contact us; we are sure that you will save money with iTransact’s merchant processing services.
Please do not hesitate to contact us with any questions.
PO Box 999
314 South 200 West
Farmington UT 84025-0999
Phone: (801) 298-1212
Fax: (801) 298-9789
For technical assistance, please submit a ticket via the iTransact Support Center.
iTransact is fully compliant with the Payment Card Industry’s Data Security Standards (PCI DSS). PCI standards are endorsed by Visa, MasterCard, American Express, and other leading card brands.
iTransact’s most recent PCI audit was conducted by Specialized Security Services, Inc. View the Certificate of Compliance.
iTransact uses the Security Metrics Site Certification process, which tests and verifies merchant credit card handling processes. Site Certification simplifies all aspects of PCI DSS Compliance and includes PANscan to see if businesses unknowingly store unencrypted credit card numbers on their networks.