Last month we introduced Bolt P2PE, our new cloud-based API terminal integration solution that allows software companies to integrate their applications with PCI-validated point-to-point encryption (P2PE) and EMV devices for card-present transactions.
It’s been in its beta phase during the past few weeks, but today, we’ve announced its official launch.
1. Bolt P2PE works by receiving a request from a software application through our standard, RESTful API.
2. Once a device receives a command, a customer is prompted to initiate a payment.
3. Upon swiping or dipping a credit card, the cardholder data is instantly protected by the P2PE and tokenization of CardSecure®.
4. When the card information is created into a token, it’s then communicated to the software, so unprotected payment data is never stored within an application’s system. Cool, huh?
We offer integration with plug-and-play, P2PE devices like Ingenico’s iSC Touch 250, iPP 320 and iPP 350 terminals, all of which are equipped with EMV technology.
Bolt P2PE is a first for this industry. It will reduce the time and labor put into P2PE device integration, leaving more time for other things (and making life easier).
We’re also excited about the future. In the coming releases of Bolt P2PE, the solution will include compatibility with bluetooth and wireless-enabled Ingenico products. Even better.
So, software companies, what are you waiting for?
Learn more at cardconnect.com/bolt.
by Taylor Havlisch
Taylor is CardConnect's Product Marketing Manager and might reveal her suppressed Minnesota accent for you, if you ask nicely.
Ellie Delany Company Updates Aug 15 2017
This summer, CardConnect hired a team of fifteen student interns with various backgrounds to work in our King of Prussia headquarters. The interns were dispersed across different teams; from marketing, to software development, to merchant solutions, and several more. Here’s a snapshot of our 2017 summer interns, who they are, and what their managers had to say about their accomplishments and contributions at CardConnect: Sohini Maniar Bryn Mawr College 2018, Mathematics, Testing “Sohini Maniar was a key contributor to our application testing effort this Summer. She quickly learned how CardPointe and CoPilot work, and was able to apply previous testing experience to deliver tremendous value to us during her internship with CardConnect. I admire Sohini’s willingness to jump right in with a system that was completely foreign to her.” - Dave Harrison “From the moment I walked inside the office, I saw how amazing this company is and felt so welcomed by all the full time employees. I learned so much about payment processing and the effort and time that goes into the process. People were always very patient and attempted to answer as many questions I had to better understand the projects. Throughout my time here I always felt like I brought value to the company because of the responsibilities that were given to me. I am grateful that I was a part of an amazing opportunity where I build friendships and professional skills that will carry beyond the summer.” – Sohini Sean Parsons Pennsylvania State University 2020, , Security Risk Analysis/Cybersecurity, Engineering “Sean was incredibly effective during his time as a Business Analysis Intern on the CardPointe Gateway Engineering Team. He was instrumental in the planning and design phases of our customer-facing Apple/Android Pay and Bolt Offline solutions. Sean’s knowledge of Python scripting, ability to understand complex systems, and his attention to detail allowed him to contribute towards many other improvements made to how our team manages its products. Sean’s desire to be challenged, and composure while facing the unknown is extremely admirable; those traits are sure to serve him well in the future.” – Kevin Nathan Ellie Delany University of Delaware 2018, English, Marketing “Ellie, the author and organizer behind this post, has been an outstanding member of the marketing team this summer. The lightning speed at which she grasped the payments industry and how CardConnect operates as a business was incredible. It was also fun to see her impressive writing talent come alive in any project she touched (I’d say this uplifting blog was my favorite). To sum it up, Ellie was awesome this summer and we’re going to really miss her when she heads back to college!” – Michael Starosciak “My experience at CardConnect has truly evolved me as a writer. I went from writing creative essays and memoirs to researching EMV technology, PCI standards, and much more. My team never hesitated to answer my tech questions, or explain something in detail to me. CardConnect’s culture is five star, and there is a certain humor between the employees in the office that makes your work fun and enjoyable. I really could not have asked for a better intern experience or introduction into the FinTech industry this summer!” - Ellie Noah Granieri University of Michigan 2018 MBA, Technology, App/Gateway Development "Noah did an amazing job this summer! He made major contributions to the Product Management team by assisting with designing a number of new features coming to CoPilot and CardPointe in the future. His main focus was assisting with the design of a Project Management tool for the ERP Team in Copilot. He took the lead on working with key stake holders and working with them to define the requirements. We are going to miss Noah’s analytical thinking and ability to engage with other departments when he heads back to school!" - Nick Yanoshik “The summer internship has been a great experience. It was interesting to learn about the complex payments industry while working on some of CardConnect's next product features. The people I had an opportunity to work directly with were impressively supportive, down to earth and generous with their time and patience over the course of our projects this summer. When first delving into CardPointe and CoPilot (CardConnect's merchant portal and portfolio management tool for partners, respectively), the learning curve was steep but the team members and fellow interns made it a manageable and even fun task. I've enjoyed my summer here and know that I'll have unique projects and experiences to share with fellow classmates when I return to school this fall." - Noah Claire Frankel Univeristy of Pennsylvania 2018, Systems Engineering, App/Gateway Development "Claire was a huge help this summer! She made major contributions to the Product Management team by assisting with designing a number of new features coming to CoPilot and CardPointe in the future. Her big project was assisting with the design of a Project Management tool for the ERP Team in Copilot. She did an amazing job creating the mockups for the feature, which helped drive conversation and helped stakeholders see the vision that team had for the feature. Claire’s sense of team work and creativity will definitely be missed when she heads back to school!" - Nick Yanoshik "Interning at CardConnect was an incredible learning experience and a great way to spend the summer. I learned a lot about the payments industry, what the role of a product manager entails, and how to apply classroom knowledge to real world problems. The employees at CardConnect were amazingly supportive and helpful during my time here. I couldn't have asked for a better internship experience!" - Claire Meng Kry Pennsylvania State University 2018, Computer Engineering, Software Development “The experiences and the knowledge that I have acquired from CardConnect was invaluable. CardConnect is full of talented, experienced developers and engineers who were eager to help to on-board me as a Software Developer Intern. With hard-work and consistency, I learned a lot of new skills on Front-End and Back-End web development. By the end of the internship, I was confidence to work on a new feature by myself.” - Meng Amanda Warren West Chester University 2018, Actuarial Science, Underwriting & Risk “Amanda has been heading up a project for Risk to identifying merchants who are selling products that are prohibited by the card brands such as Kratom, Synthetic drugs, marijuana products, and prescription drugs being sold without a prescription. As a result of her hard work and dedication, we have successfully identified several prohibited merchants and were able to secure our risk prior to any notifications from the card brands.” – John Bintner "I had the best experience interning in Underwriting and Risk this summer. This was my first hands-on experience conducting risk analysis and utilizing underwriting policies outside of a school environment. I highly recommend working here - this is the only place that I've encountered where the company truly gives back to its employees (and interns!). If you want real world experience in your field, a company with NO CUBICLES, and you enjoy a great espresso machine, CardConnect would not disappoint you! - Amanda Pat Bernicker Ursinus College 2019, Applied Finance/Econ, Deployment “Pat is an ordering machine. He handed 80% of our CardPointe equipment returns and assisted in shipping out a large percentage of our orders to merchants. His hard work and attention was truly as asset to the Deployment team. Thanks Pat!” – Thomas Edinger "Working at CardConnect has truly been a great experience. Getting an in depth look into the payments industry during a pivotal time in CardConnects history was interesting to see and an incredible learning experience. Working with Cardpointe Support and the newly formed Deployments team made me fairly well rounded in understanding how this company operates. Every employee from top to bottom has been incredible, they couldn't have treated the interns any better! I would not have traded this summer for anything!" - Pat Sierra Kotwicki Bloomsburg University 2018, Marketing and Supply Chain Management, Merchant & Partner Solutions “Sierra was a huge asset to the Merchant Solutions and Partner Solutions team this summer closing 251 tickets as of 8/11 and quality checking over 900 bank changes! Sierra is always willing to jump in and take on a project, learn something new and complete a list of changes in record time.” – Sophie Wagner "I walked into CardConnect a little nervous, slightly lost, and tremendously naive. Three months later I walked out confident, happy, and knowledgeable on subjects that I never knew possible. CardConnect has defined and broaden my professional capabilities and has helped myself confirm my future goals after college. I couldn't be more thankful to work at such a prospering and supportive company." – Sierra Scott Luttman Pennsylvania State University 2020, Information Sciences and Technology, App Development "Working on the App Development team gave me insight into the software development lifecycle and helped me find my passion with working in frontend development. CardConnect is a great company - a lot of creativity and definitely an amazing culture." - Scott Tina Bowers Colgate University 2018, Physics/Studio Art, Technology "Tina was a blast to work with this summer! She made major contributions to the Product Management team by assisting with designing a number of new features coming to CoPilot and CardPointe in the future. Tina took the lead on building out requirements and mockups for an invoice presentment tool in CardPointe. Her mockups turned out great and served as an excellent tool for communicating the design that the team came up with for this feature. We will definitely miss Tina’s positive attitude and her grandmother’s baking!" - Nick Yanoshik “Card Connect was an amazing workplace and I'm so grateful for the things I have learned and the people I have met. Learning product management tools from Nick and Liz was so valuable to me and I always felt like I could ask questions and explore outside my comfort zone. This experience was overwhelmingly positive and I can't say enough good things about my time here!” - Tina David Macartney Pennsylvania State University 2019, Security and Risk Analysis, Device Integration Kirsten Jensen University of Pennsylvania Masters 2018, Computer and Information Technology, Gateway “Among other tasks accomplished, Kirsten developed a new dynamic amount driven transaction response feature for the CardPointe Gateway. This feature greatly improves emulator flexibility and testability for our merchant base. It was clear Kirsten wanted to give and also get a lot of value out of this internship. She’s very hard working and professional and always able to focus on her work. Kirsten’s code and contribution to the SDLC process exceeded expectations. The team all loved working with Kirsten!” – Chet Culver “CardConnect is a company that intentionally nurtures the things that make their employees thrive in their work individually and collaboratively. It’s a natural environment to develop skills and a project at the same time, which is an ideal combination for an internship. This summer has been a very rewarding experience in many ways.” - Kirsten Mike Offenbach Pennsylvania State University 2018, Security and Risk analysis, Device Integration Ben Rajcan Rochester Institute of Technology, Computer Science/Psychology, CardPointe “Ben Rajcan took on a variety of task assignments this Summer, and did them all very well. I want to specifically mention the work he did with the CardPointe Mobile test automation. This was a large gap in our test coverage, and Ben was able to deliver very quickly a set of automated tests that will reduce the amount of time it will take to test a new build of the mobile apps.” – Dave Harrison "I had a fantastic internship at CardConnect! I learned a lot about credit card payments, code and business processes. I am really glad to be working full time here!" - Ben
Ellie Delany Company Updates Aug 9 2017
Our Director of Enterprise Sales, Mark Cuneo checked into the FinTech Hotseat, a 15-minute Q&A video series hosted by Strategic Treasurer, a leading treasury consulting firm based out of Peachtree City, Georgia, to talk about protecting high priority data. In the interview, Mark explains why all data should not be treated equally when it comes to enterprise payment security and relays other helpful data security tips every IT team should know about. We’ve summarized Mark’s top tips below, but if you have a few minutes we encourage to watch the video in its entirety here . Not all data is created equal. No one wants to be hacked. If it does occur there is a big difference between a cyberattack that results in the release of high priority data verses the release low priority information. PCI Compliance is not enough. PCI compliance should just be the beginning for any enterprise looking secure high priority data. The reason for is, many PCI compliance guidelines are lagging behind cutting edge attacks. Luckily, there are other security measures companies can adopt to further secure data past PCI compliance guidelines - bringing us to helpful enterprise payment security tip number three. Tokenization is key. There are a few key technologies that allow you to move beyond compliance and implement more security with less effort. Tokenization is one of the those technologies because it allows you to remove your ERP system from the scope of PCI audits by replacing high priority data (within the walls of your network) with a valueless token. Tokenization is not encryption. Many people believe tokenization and encryption are essentially the same technology or security tactic. This simply is not the case. When it comes to securing high priority data it is better to be proactive than reactive. When a company is reactive we usually hear about it because the business failed a PCI audit, or worse, has experience a breach. In the latter case, the organization must find the most immediate resolution to minimize negative outcomes like executive level firings, loss of customer trust, fines and a massive reduction in profits. What is high priority data, you might ask? It is the data that if exposed, would cause the greatest damage. Some examples include credit or debit card numbers, security codes and any other personally identifiable information that can be traced back to cardholders. Encryption works by encoding sensitive information like valid credit card numbers utilizing an algorithm. The problem with this security tactic is, that the coded values can always be decoded and stolen. Tokenization is a far superior security solution because it works by taking vaild cardholder data and replacing it with a token. A token is not derived from the original value – it is based on a randomized number. This means that even if a data breach does occur and tokens are stolen, the thief will never be able to derive the original credit card number from it. “To give you an idea of how tokenization works in a different security senerio, imagine someone breaks into your home. You have a safe full of jewelry. The thief cracks into the safe and steals fake jewels. Why does this happen? You thought ahead and proactively prepared for such an incident by taking your real jewels and placing them in a secure vault located within a bank.” – Mark Cuneo In closing, it is important for enterprise-level organizations to identify high priority data and use measures in addition to PCI compliance to protect it because it is always better to be in a situation where you’re proactively preventing an cyberattack from occurring, rather than franticly reacting to one. To learn more helpful tips, check out Mark Cuneo’s full interview embedded below.
Taylor Havlisch Data Security Aug 8 2017
Our Vice President of Information Security, Justin Shipe, has an invaluable role at CardConnect. He’s the pro that keeps our data safe and secure, always thinking and acting one step ahead of potential threats. In addition to protecting CardConnect’s, he holds on to mounds of his own information about data security. Last month, he was willing to share some of his helpful advice with online retail publication Chain Store Age, in an article called “How to Stay Protected in this New Age of Data Breaches.” In the piece, Justin highlights the reasoning behind the increase in data breaches, where they happen and how to mitigate the impact when they do. His tips are important for every business to know - here are a few of them: > Proactivity and preparation is everything - create and consistently update a comprehensive security program and incident response plan > Invite stakeholders from all over your business to conduct a risk assessment as large as you can, at least once a year > Implement data protection solutions like point-to-point encryption (P2PE) and tokenization to prevent the use of sensitive data for fraudulent activity “There’s no way around it. Breaches will happen and if businesses don’t put the right steps into place to protect customer information, the impact can be devastating and lasting. Do the research and ask the questions that will get your business set up for a much less painful impact if and when a breach does occur.” Justin has more than ten years experience in the industry and has shared his talents with CardConnect for nearly five of them. If this article’s got you thinking about questions you’d like answered, our team is always ready to talk data security. Leave a comment to keep the discussion going!