SECURITY
25IKiLB
25IKiLB
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
SECTION 2: PROTECTING THE GOODS<br />
POWERED BY<br />
SCANSOURCE<br />
SECTION 2: PROTECTING THE GOODS<br />
DEVELOPER PARTNER <strong>SECURITY</strong> CHECKLIST<br />
SECURE. SIMPLE. AFFORDABLE.<br />
Editor’s Note: As the Digital Journey Leveraging New Technology<br />
in Loss Prevention article recounted, the importance of having<br />
mobile capabilities and technological flexibility is paramount for<br />
loss prevention professionals, as well as retailers in general. When<br />
partnering with a developer, make sure you’re asking how secure<br />
their platform is so that when it is installed at a merchant site,<br />
security will never be compromised!<br />
insight provided by<br />
David Gudjonsson,<br />
CEO and Co-Founder of<br />
Handpoint<br />
MERCHANT CHALLENGES<br />
• Data breaches are forcing<br />
improved security processes<br />
• Increased liability around<br />
card data breaches<br />
• Difficulty knowing which<br />
solutions are most effective<br />
SCANSOURCE SOLUTIONS<br />
• Provide total POS offerings that<br />
include payment terminal hardware<br />
• Offer complete configuration<br />
and key injection services<br />
• Help navigate the complexity<br />
of payments offerings<br />
800.944.2432 X4219 | SCANSOURCEPOSBARCODE.COM/PAYMENTSOLUTIONS<br />
What are 3 questions you suggest that VARs ask a developer partner<br />
about data security/cyber security before they decide to partner with<br />
them?<br />
☐ DG ☐What kind of solution and provider are you using for EMV?<br />
☐☐Is your solution / provider using an encryption?<br />
☐☐<br />
How us (VAR) is deployment with access and to TMS key injection and remote handled? config Do tools?<br />
you provide<br />
What are some of the precautions you’ve taken to ensure that your<br />
platform is secure before the merchant even installs your product?<br />
Handpoint is built from the ground up to completely abstract payments<br />
DG<br />
from the point of sale and deliver a secure payments solution for<br />
merchants of all sizes. We built our proprietary payment application to<br />
meet all of the PCI-P2PE certification requirements, and we host it within<br />
the tamper proof environment of the card reader, providing multiple levels<br />
of encryption from the instant a card is tapped, dipped, or swiped. No<br />
sensitive information touches the merchant’s systems with our out-of-scope<br />
architecture, and our PCI-DSS platform provides a secure switch to a range<br />
of global processors. We also built a remote terminal management system<br />
to keep merchants secure over time—our terminals stay up-to-date with the<br />
latest security feature with zero merchant effort and lost devices can be<br />
deactivated remotely. Together, the Handpoint solution keeps customer data<br />
secure end-to-end and over time.<br />
Quick poll: P2PE or E2EE? Why?<br />
I N -S TO C K<br />
I N V ENTO RY<br />
TEC H N I C A L<br />
S U P P O RT<br />
WO R LD - C L A S S<br />
LO G I S TI C S<br />
DG<br />
Both. P2PE to the secure decryption point and full E2EE to the<br />
processor. P2PE simplifies the key management for the merchant side.<br />
With E2EE the merchant might need to handle encryption keys itself.<br />
For more information, visit www.handpoint.com<br />
20 APRIL/MAY www.GoRSPA.org<br />
www.GoRSPA.org<br />
Payment Solutions Suite Ad 316.indd 1<br />
3/9/16 9:08 AM<br />
connect 21