New CyberSource Development Lets Merchants Screen eCommerce Transactions for Fraud without Exposure to Sensitive Card Info


MOUNTAIN VIEW, Calif. - Caught between dual threats of online fraudsters and payment data breaches, eCommerce merchants face a dilemma. They want to screen orders for fraud, but to do that means handling payment data -- the same data they'd like to eliminate from their networks in case of a breach. A new development from CyberSource, a Visa company (NYSE: V) ("Visa"), fully links payment security with fraud management, meaning merchants can screen orders and keep payment data out of their systems, simultaneously.

How it works

When consumers order online from organizations employing CyberSource's payment security and fraud management technologies, sensitive payment data (credit card number, security code, etc.) is captured through fields that are hosted by CyberSource, concurrent with the collection of necessary fraud detection data. Payment data is placed directly onto the CyberSource Level 1 PCI DSS-validated payment network, without coming into contact with merchant systems. The merchant never sees, stores, or transmits the payment data. Immediately upon capture, the transaction can be run through the fully linked fraud system featuring 200+ merchant-designated tests and detectors that assess the risk of fraud. All of this takes place in approximately two seconds. A secure payment token representing the transaction is returned to the merchant for post-sale payment support, such as credits or refunds.

"Today's announcement marks completion of our two-phased plan to address this dilemma," said Dayna Ford, CyberSource's Director, Product Management. "Now, in addition to our fraud system supporting tokenized payment data, we completely isolate sensitive payment data from merchant systems, while preserving merchants' ability to effectively screen for fraud. Merchants are able to limit their PCI scope, while deploying some of the most effective anti-fraud tools on the market, including device fingerprinting with packet signature inspection, IP geolocation, and multi-merchant velocity checks. Merchants can now be fraud-protected and payment security-enabled without compromise."

Price and availability

CyberSource hosted payment acceptance services are available today at no additional charge to customers using CyberSource payment tokenization and Decision Manager services.

About CyberSource Corporation

CyberSource Corporation, a wholly-owned subsidiary of Visa Inc., is a payment management company. Over 300,000 businesses worldwide use CyberSource and Authorize.Net brand solutions to process online payments, streamline fraud management, and simplify payment security. The company is headquartered in Mountain View, California with international offices in Reading, U.K.; Singapore; and Tokyo. For more information, please visit www.cybersource.com or www.authorize.net.

SOURCE CyberSource Corporation

CONTACT: Bruce Frymire of CyberSource Corporation, +1-650-965-6042, bfrymire@cybersource.com

Web Site: www.authorize.net

All Topics