- TalkBack 22 of 22:
- « Previous
- Thread View
- Flat View
- Online Super Payment Gateways
-
I have worked in the real time payment gateway industry for twelve years I have become accustomed to the security vulnerabilities of our system. It keeps us all employed!!
Then along comes these new manual super gateways, such as http://e-path.com.au, that use 2,048bit asymmetric cryptography. There are others that have recently launched but e-Path is the only one we have tested ourselves by signing up for an account as a "customer". We of course identified ourselves to e-Path and were up front about wanting to test their system. They didn't have a problem with that.
Its not new technology but its how they use it that is really making an impact on improving security. The Zdnet article is interesting because it suggests the PCI DSS are making a compromise on the next step in their efforts to improve security because of pressure from the industry. This is actually quite true. My company was one that put great effort into lobbying the PCIDSS to allow the status-quo. If the PCIDSS forced asymmetric cryptography upon real time gateways then this would have catastrophic consequences because it would mean all real time payment gateways would be out of date and non-compliant. But my point is there are now these new manual gateways that actually do meet with this new desire for exceptional encryption security.
The question therefore is if real time gateways don't adopt this new asymmetric cryptography then we stand the chance of being left with representing security vulnerabilities from a previous era. Perhaps the industry needs to adopt it on their own, like e-Path has, in order to really address security vulnerabilities associated with accepting credit cards online.
I am very reluctant to admit it but it certainly looks like the manual system is the first major step in negating many of the vulnerabilities that currently exist within the "real time" payment gateway system.
I can't personally see how manual systems would be an economical solution for high transaction volume cc traffic but for the small online business, well, I'm busting trying to find any negatives about them.
Food for thought. - Posted by: fooj Posted on: 03/09/07 You are currently: a Guest | Members login | Terms of Use
What do you think?
SponsoredWhite Papers, Webcasts, and Downloads
- Performance Analysis in Eclipse Quest Software When your Java applications aren't tested consistently - and correctly - ... Download Now
- Three Steps You Need to Know to Stop Data Loss Varonis Sensitive data exposed to misuse or loss... it is the stuff of nightmares ... Download Now
- Storage Capacity Management for Oracle Databases Quest Software Do you have sufficient space capacity to support your growing Oracle ... Download Now
Premier Vendor Content Whitepapers, webcasts & resources from our Power Center Sponsors
- Microsoft Dynamics CRM Online - Free Six-Month Trial for Eligible Organizations
-
Microsoft Dynamics CRM Online provides fast online access, simple contact management and better sales performance for a low monthly cost - the best value on the market today.
- Learn more about the free, six-month trial offer>>
- Keep Up With The Latest In Document Management with The DocuMentor.
-
Doc delivers the scoop on today's enterprise content management, printer maintenance, and all other issues related to document management. It's the DocuMentor Blog.
- Learn more >>
- The more you simplify, the more you save
-
When you transition from your existing Red Hat environment to SUSE Linux Enterprise from Novell, you can recognize dramatic cost savings, perhaps as much 50%
- Learn more >>
-
-
Smart Tech
Expert advice on innovations in healthcare and the green technologies that make it happen.
Find out more
-
Smart Business
Discussion and advice on management issues that revolve around making your world smarter and more useful.
More Smart Advice
-
Smart People
The best and worst moves in the management and strategy trenches.
Learn More
