Be first to read the latest tech news, Industry Leader's Insights, and CIO interviews of medium and large enterprises exclusively from CIO Applications
Thank you for Subscribing to CIO Applications Weekly Brief
CardConnect: Facilitating Simple and Secure Credit Card Payments in SAP
The world witnessed the worst data breach in recent history, when Equifax, the credit reporting giant was hit by a massive cybersecurity attack that impacted more than 145 million consumers. Unfortunately, Equifax is not alone. Every year thousands of companies fall victim to data breaches that almost always result in negative press coverage followed by a mix of reduced customer confidence, executive-level firings and drastically lowered portfolio evaluations.
So what is an SAP user to do when the storage and transmittal of highly sensitive payment information is so vital to many daily business processes?
“It is critical that SAP customers take a proactive and layered approach to payment data security. What makes this requirement so urgent is that the SAP systems and the non-SAP applications or architectures it interacts with have various payment entry points that can become very vulnerable to data breaches and other cyberattacks, if not protected properly,” said Mark Passifione, Senior Vice President of Enterprise Solutions at CardConnect. “Having operated in the credit card industry for more than a decade, CardConnect has helped many well-known brands to securely accept electronic payments in a way that seamlessly integrates with popular SAP products like SAP S/4 Hana and SAP ECC across a diverse, constantly evolving set of sales channels.”
There are a few technologies that allow SAP customers to move beyond PCI compliance and implement even more security with less effort. Tokenization and point-to-point encryption (P2PE) are two of the those key technologies.
When coupled together, both allow organizations to remove SAP and other non-SAP architectures from the scope of PCI audits by replacing payment and other personally identifiable data (within the walls of the client’s network) with an indecipherable and valueless code the very moment payment card data is keyed, swiped or dipped.
CardConnect helps SAP customers to easily and effectively protect credit card data and other forms of electronic payment information against data breaches
PCI-validated P2PE and tokenization serve as the backbone of CardSecure, CardConnect’s advanced enterprise payment security solution, protecting SAP customers from the impact of data breaches, while minimizing the scope of PCI compliance. Another key component of this solution is support. Every CardSecure customer is assigned a team of seasoned experts to assist with the planning, implementation and post-implementation processes associated with its project and are available 24 hours a day, seven days a week.
Mark Passifione and the rest of CardConnect’s leadership team are proud to have such developed strong support system for its clients. “We believe a strong support system is necessary to ensure the success of our clients,” said Mark Passifone. “For instance, one of CardConnect’s clients, a large electrical distributor, came to us at a time when it was using SAP to manage its wholesale business and roughly 30-40 transactions per day at over 1,400 offices across the United States. Developing a strong relationship early on allowed us to develop a plan to seamlessly integrate CardSecure into the client’s environment in a short period of time. The end result? Two main payment entry points within the distributor’s environment—its (card-present) point of sale systems and (card-not-present) call centers are now safeguarded against data breaches - ensuring safety of payment card data for thousand of customers.”