| Recent reports of wire-tapping fraud is a major concern throughout the payment industry. Wire- or line-tapping, involves the illegal installation of a monitoring device on the merchant’s phone line and systematically extracting credit and debit card information from the terminal’s data traffic. This new dimension of “cyber-theft” has accelerated the need for sophisticated encryption capabilities for POS transaction traffic. In current transaction transport architectures, POS transactions are sent in the clear, making it possible for technically-savvy criminals to quickly intercept sensitive information in the middle of transaction transport, a “man-in-the-middle” attack.
To counter this threat, the EFTSec Server solution allows all or a portion of transaction data passed between a POS terminal and an access network to be encrypted so it is secure from any commercially-viable attack. The EFTSec Server is a “plug-in” to your existing network infrastructure that does not disrupt current network traffic, making implementation seamless. Financial Institutions and Merchants can preserve their current investment while offering customers state-of-the-art protection. EFTSec is the intelligent choice, where we bring together tried and tested solutions to provide our customers peace of mind. |
| Market Segments |
- Back office multi-lane server
- Corporate headquarters
- Banks
- Processors
- Payment gateway
|
| Software Requirements |
- Microsoft Windows 2000/2003
- Oracle 9i or above / MS SQL 2005 or above
|
|
|
|
Cyber Theft |
Phone Line |
T7 Series Terminal Devices (Legacy) |
Product Data  TOP |
| Secure, Reliable & Cost-Effective |
- Supports — Fully configurable capabilities using HypercomView™
- Backwards Compatible — Fully integrated support for legacy terminals & transport capabilities
- Optimization — Frame relay at lower bandwidths to maximize network performance and balance costs
- Supports — Multiple keys for unique addressability for each acquirer
|
| Flexible |
- Uses Hypercom’s EFT-Master™ Transaction Switching Engine
- Able to “plug-in” to your existing network infrastructure without disrupting current network traffic
|
| Secure |
- Utilizes industry standard HSM to encrypt/decrypt transaction data that
provides validated FIPS 140-2, Level 3 environment
- Secure Key Distribution via Smartcards
- Supports Key Management with industry standard HSM
|
| Reliable |
- Utilizes Hypercom’s over 29 years of experience and expert knowledge of transaction technology
- Built on a framework that relies on standards and industry experience
|
|
| Sample Devices |
|
|
|
|
Optimum T4200 Series |
Optimum M4100 Blade |
Unattended
Devices |
IEN Networking Equipment |
| Platform |
• Microsoft Windows 2000/2003 |
| Database |
• Oracle 9i or above
• MS SQL 2005 or above |
| Security |
• *1. FIPS 140-2, Level 3 Validated HSM
• *2. SmartCard
• Support Multiple Encryption Methods
- AES
- DES
- 3DES
• *3. VISA score “3232342” ranking |
| Environment |
• Back office multi-lane server
• Corporate headquarters |
| Server Components |
• Key Management System
• Smart Card System |
|
Foot Notes*
1. SafeNet Inc. ProtectServer Gold PCI
2. JavaCard Ver 2.1.1
3. Reference Transaction Data Encryption document from VISA International, dated
Dec. 1, 2004 Ver. 1.0. The highest possible score is 3242342; the lowest possible score is 1111111. |
