Comments for E3 Secure http://www.e3secure.com Secure Payment Transactions Fri, 18 Feb 2011 16:30:12 +0000 http://wordpress.org/?v=2.9.2 hourly 1 Comment on Reducing Risk, Costs and PCI Scope by Larry http://www.e3secure.com/blog/2010/11/22/reducing-risk-costs-and-pci-scope/comment-page-1#comment-154 Larry Fri, 18 Feb 2011 16:30:12 +0000 http://www.e3secure.com/?p=576#comment-154 Tom, By using the E3 wedge, the POS is no longer in the scope of PA-DSS validation, and although the merchant’s PCI-DSS scope is greatly reduced, some PCI-DSS requirements still need to be addressed. According to Coalfire, “PCI compliance will always apply to a merchant if they capture, process or store credit card data anywhere in their physical environment.” Please reference page 10 of Coalfire’s whitepaper on the wedge for the PCI requirement breakdown with E3. Also, although some PCI requirements remain with E3, all E3-users are protected by Heartland’s E3 warranty that states in the unlikely event of a data breach while using E3, Heartland will reimburse a merchant’s breach-related fines. Please let us know if you have further questions, Larry Tom,

By using the E3 wedge, the POS is no longer in the scope of PA-DSS validation, and although the merchant’s PCI-DSS scope is greatly reduced, some PCI-DSS requirements still need to be addressed. According to Coalfire, “PCI compliance will always apply to a merchant if they capture, process or store credit card data anywhere in their physical environment.” Please reference page 10 of Coalfire’s whitepaper on the wedge for the PCI requirement breakdown with E3.

Also, although some PCI requirements remain with E3, all E3-users are protected by Heartland’s E3 warranty that states in the unlikely event of a data breach while using E3, Heartland will reimburse a merchant’s breach-related fines.

Please let us know if you have further questions,

Larry

]]> Comment on Reducing Risk, Costs and PCI Scope by Tom Jones http://www.e3secure.com/blog/2010/11/22/reducing-risk-costs-and-pci-scope/comment-page-1#comment-153 Tom Jones Thu, 17 Feb 2011 15:15:45 +0000 http://www.e3secure.com/?p=576#comment-153 If a reseller decided to implement your E3 wedge for credit card processing, would the reseller automatically become PCI compliant? If the data is automatically encrypted by your device, and is sent to your server via an XML SOAP request over HTTPS, and there's no way to decrypt the data, then what is left for the reselling merchant to prove PCI compliancy for? Thanks. If a reseller decided to implement your E3 wedge for credit card processing, would the reseller automatically become PCI compliant? If the data is automatically encrypted by your device, and is sent to your server via an XML SOAP request over HTTPS, and there’s no way to decrypt the data, then what is left for the reselling merchant to prove PCI compliancy for?

Thanks.

]]> Comment on PCI Compliance As A Moment In Time by Steve Elefant http://www.e3secure.com/blog/2010/09/16/pci-compliance-as-a-moment-in-time/comment-page-1#comment-66 Steve Elefant Thu, 16 Sep 2010 19:37:22 +0000 http://www.e3secure.com/?p=500#comment-66 Gayle, great post on a timely topic! The bottom line when it comes to the topic of securing payments in the U.S. is compliance does not equal total security! Here at Heartland, we are eager to see the upcoming PCI Security Council guidelines/report, and we hope the Council will embrace end-to-end encryption technology as a new and effective security method available to merchants for protecting cardholder data. In this time of mounting cyber crimes, the best way for businesses to ensure they are fully secure and protected is by implementing new technologies that can combat the hackers and fraudsters, such as tamper-resistant hardware and end-to-end encryption solutions - like Heartland's E3 - which has the capability to encrypt the card data at the time of swipe or key entry. As hackers become increasingly sophisticated, businesses also need to improve their methods and lines of defense - beyond PCI compliance standards. Gayle, great post on a timely topic! The bottom line when it comes to the topic of securing payments in the U.S. is compliance does not equal total security!

Here at Heartland, we are eager to see the upcoming PCI Security Council guidelines/report, and we hope the Council will embrace end-to-end encryption technology as a new and effective security method available to merchants for protecting cardholder data.

In this time of mounting cyber crimes, the best way for businesses to ensure they are fully secure and protected is by implementing new technologies that can combat the hackers and fraudsters, such as tamper-resistant hardware and end-to-end encryption solutions – like Heartland’s E3 – which has the capability to encrypt the card data at the time of swipe or key entry.

As hackers become increasingly sophisticated, businesses also need to improve their methods and lines of defense – beyond PCI compliance standards.

]]> Comment on Moving in the Right Direction: End-to-End Encryption Security Requirements by Larry Godfrey http://www.e3secure.com/blog/2010/07/29/moving-in-the-right-direction-end-to-end-encryption-security-requirements/comment-page-1#comment-38 Larry Godfrey Tue, 24 Aug 2010 15:39:33 +0000 http://www.e3secure.com/?p=435#comment-38 Anne, thanks for your interest in our E3 end-to-end encryption technology. A Heartland representative will follow-up with you shortly to discuss next steps. Thank you. Anne, thanks for your interest in our E3 end-to-end encryption technology. A Heartland representative will follow-up with you shortly to discuss next steps. Thank you.

]]> Comment on Moving in the Right Direction: End-to-End Encryption Security Requirements by anne http://www.e3secure.com/blog/2010/07/29/moving-in-the-right-direction-end-to-end-encryption-security-requirements/comment-page-1#comment-37 anne Tue, 24 Aug 2010 14:56:31 +0000 http://www.e3secure.com/?p=435#comment-37 I need to register the Omak Inn but I'm unsure about which program we fall into. Please get back to me asap so I can get this taken care of. thanks Anne 1-800-204-4800 I need to register the Omak Inn but I’m unsure about which program we fall into. Please get back to me asap so I can get this taken care of.

thanks Anne
1-800-204-4800

]]> Comment on SAQ Basics for PCI Compliance by Larry Godfrey http://www.e3secure.com/blog/2010/07/14/saq-basics-for-pci-compliance/comment-page-1#comment-15 Larry Godfrey Thu, 29 Jul 2010 21:17:04 +0000 http://www.e3secure.com/?p=413#comment-15 You are correct about the PCI requirement in regards to the SAQ C. Our decision tree diagram is intended to be a simplified version of the PCI table to help non-technical merchants understand the requirements. With that being said, we <a href="http://www.heartlandpaymentsystems.com/uploadedfiles/Resources/PCI_Compliance/PCIDecisionTree.pdf" rel="nofollow">updated our diagram</a> to include your point and recommend merchants refer to the PCI website at <a href="http://www.PCISecurityStandards.org" rel="nofollow">PCISecurityStandards.org</a> for complete details. You are correct about the PCI requirement in regards to the SAQ C. Our decision tree diagram is intended to be a simplified version of the PCI table to help non-technical merchants understand the requirements. With that being said, we updated our diagram to include your point and recommend merchants refer to the PCI website at PCISecurityStandards.org for complete details.

]]> Comment on SAQ Basics for PCI Compliance by Susan Zloth http://www.e3secure.com/blog/2010/07/14/saq-basics-for-pci-compliance/comment-page-1#comment-11 Susan Zloth Fri, 23 Jul 2010 20:46:16 +0000 http://www.e3secure.com/?p=413#comment-11 Your definition of which merchants can use SAQ C is slightly disingenious. PCI also has this requirement: The payment application system/Internet device is not connected to any other systems within your environment; I think that is overlooked. Your definition of which merchants can use SAQ C is slightly disingenious. PCI also has this requirement:

The payment application system/Internet device is not connected to any other systems within your environment;

I think that is overlooked.

]]> Comment on E3 for Your Business by Data Security: Yes Virginia, There is a Solution | Smarter Hotelier http://www.e3secure.com/e3-for-your-business/comment-page-1#comment-9 Data Security: Yes Virginia, There is a Solution | Smarter Hotelier Tue, 15 Jun 2010 11:11:41 +0000 http://www.e3secure.com.php5-12.dfw1-1.websitetestlink.com/e3-for-your-business#comment-9 [...] in terms of the amount of card holders affected.  Heartland responded by developing and releasing E3, “an end to (almost) end encryption process”, that according to Bank Technology News “has the [...] [...] in terms of the amount of card holders affected.  Heartland responded by developing and releasing E3, “an end to (almost) end encryption process”, that according to Bank Technology News “has the [...]

]]> Comment on True End-to-End Encryption in Action by Steven M. Elefant http://www.e3secure.com/blog/2010/05/23/true-end-to-end-encryption-in-action/comment-page-1#comment-8 Steven M. Elefant Mon, 14 Jun 2010 14:09:07 +0000 http://www.e3secure.com.php5-12.dfw1-1.websitetestlink.com/?p=302#comment-8 Justus, thanks for the questions. The E3 Terminal price starts as low as $269 and the E3 wedge as low as $69. The E3 Terminal comes with dual com interfaces for both dialup and internet connections. The E3 Terminal is available now and the E3 wedge is coming in July with other products soon, so stay tuned. If you would like more information or to see the E3 terminal in action, please email LBrown@vaultcommunications.com. Thanks again for your interest! Justus, thanks for the questions. The E3 Terminal price starts as low as $269 and the E3 wedge as low as $69. The E3 Terminal comes with dual com interfaces for both dialup and internet connections. The E3 Terminal is available now and the E3 wedge is coming in July with other products soon, so stay tuned. If you would like more information or to see the E3 terminal in action, please email LBrown@vaultcommunications.com. Thanks again for your interest!

]]> Comment on True End-to-End Encryption in Action by Justus Holm http://www.e3secure.com/blog/2010/05/23/true-end-to-end-encryption-in-action/comment-page-1#comment-7 Justus Holm Thu, 10 Jun 2010 06:30:34 +0000 http://www.e3secure.com.php5-12.dfw1-1.websitetestlink.com/?p=302#comment-7 And how much does it cost? And does it work on dial up? And when is it avalible? Thanks And how much does it cost? And does it work on dial up? And when is it avalible?
Thanks

]]>