3Delta Systems' CardVault Is Powerful Safeguard Against Credit Card Security Breaches

Delta Systems, Inc. (3DSI), a leader in online credit card payment solutions and the makers of CardVault, an innovative credit card data storage service that removes a merchant's risk of keeping confidential customer payment information, said recently that a surprising number of businesses have yet to provide strong safeguards for protecting credit card holders' sensitive data and risk exposing that information to hackers.

Forrester Research, for example, reported in its State of PCI Compliance study last fall that more than 100 million personally identifiable customer records have been breached in the U.S. over the past two years and that most of these breaches occurred at companies with household names. Forrester asked 677 information technology security executives from the U.S. and Europe about their data retention practices and found that 81% store credit card numbers, 73% retain card expiration dates and 71% keep verification codes on file.

"With this amount of sensitive payment data being retained, it's vital that proper controls be in place," said Aaron Bills, co-founder and chief operating officer of 3Delta Systems. "The security breach disclosed by the Hannaford supermarket chain on Monday drew renewed attention to the escalating risks merchants face when they process card data. While the root cause of the Hannaford breach is still being investigated, this incident is a powerful reminder of the importance of handling data carefully and how difficult it can be for a firm to ensure proper safeguards when they do it themselves."

"Protecting customer cardholder data and complying with government and industry-wide rules designed to ensure companies keep sensitive information secure is a significant undertaking - a responsibility that grows exponentially the larger a business becomes," Bills added. "Even if merchants use state-of-the art technologies to store the data internally, they need to minimize, to the greatest extent possible, the points at which credit card data is handled because the risks and impacts from a security breach could be devastating. While the direct consequences of a company suffering a breach often involve substantial fines and other expenses, the most long-lasting effects are typically customer turnover, brand erosion and loss of corporate reputation."

Among the safest alternatives, explained Bills, is eliminating the storage of credit card data from the merchant altogether.

"Our advanced CardVault technology relieves companies of the burden of worrying whether retained sensitive customer data could be compromised in the event of a security breach," Bills explained. "The idea behind CardVault is based on a simple premise: if merchants don't keep credit card information themselves, they're in less danger of exposing that data. Outsourcing data protection allows businesses to focus on their operations while their customers' information remains safely off site and out of the hands of hackers."

Customers have been using CardVault since 2003 to transfer their sensitive credit card and payment transaction data off-site where it is received, encrypted and stored at 3DSI's secure processing centers. To retrieve, access or maintain their credit card data, the merchant uses only an alias, which is assigned by either the merchant or 3DSI.

As a leading Credit Card and Customer Identification Storage service (CCID), CardVault also helps companies meet rigorous Payment Card Industry Card (PCI) Data Security Standards - industry rules that require merchants to encrypt credit card data wherever it is stored.

3DSI's technology is particularly well-suited for businesses that accept credit card payments, have repeat customers for whom they maintain 'cards-on-file' and use enterprise resource planning, web- and/or telephone-based customer order systems that generate between 5,000 and 500,000 credit card transactions per month.

Executives of 3Delta Systems will be available to discuss CardVault's features, benefits and applications at the RSA 2008 security conference April 7 - 11, 2008 at the Moscone Center in San Francisco. 3DSI's booth is 2307.

About 3Delta Systems
3Delta Systems, Inc. is a payment solutions company that delivers the power of secure, Internet-based purchase and credit card processing solutions to enterprise, business-to-business and business-to-government customers. 3DSI's complete suite of payment solutions - each designed from the ground up to be scalable, easy to implement and conform with PCI Data Security Standard best practices - enables merchants and buyers to manage, authorize and settle payment transactions in real time. As a leading software-as-a-service provider, 3DSI processes more than 5 million payment transactions worth more than $5B for over 2,500 corporations and government institutions each year.

SOURCE: 3Delta Systems