We’re on the list of Visa Global Registry of Service Providers

Our commitment to compliance has once again been showcased after recently being announced as a service provider on the Visa Global Registry. For merchants, this means that Latpay is compliant with both the Visa program requirements and Payment Card Industry Data Security Standards (PCI DSS) to store, process or transmit Visa cardholder information.

The Visa Global Registry of Service Providers:

The Visa Global Registry has been compiled to make it easier for customers to choose the best merchant service provider for their needs. It’s important to note that:

  1. The Registry now distinguishes service providers that support secure technologies, such as EMV, tokenization and point-to-point encryption.
  2. Merchants can now check how long the provider has had a relationship with one of Visa’s clients or partners, which can be useful for a technology partner looking for a start-up versus an established company.
  3. The Registry also features service providers that are early adopters of the most recent version of the PCI DSS 3.2, which was released in April 2016. The key changes included a multi-factor authentication for administrators accessing cardholder data and additional security validation steps for service providers.

To learn more, visit the Visa Global Registry of Service Providers.

Why our compliance is good for your business:

  1. Protect yourself

Acquiring a compliant merchant service provider ensures that your business is meeting all legal and compliance requirements. In order to be cleared to take payments both on and offline, there are numerous hoops to jump through to ensure you’re providing a secure service for your customers. Working with Latpay takes the stress out of compliance obligations so you can get back to business.

  1. Protect your customers

As well as meeting all your legal requirements, working with a highly secure and compliant merchant service provider like Latpay ensures that your customers are protected from theft and fraud. Your customers are the lifeblood of your business, so protecting them against unauthorised transactions is critical. More than this, it also safeguards your business against reputational loss that often follows a financial breach.

  1. Allow customers to shop with confidence

When shoppers are confronted with unknown or untrustworthy payment systems, it forces them to think twice about making their purchase. Offering the highest security measures and trusted payment platforms can help your customers feel confident with their purchases and therefore less likely to second guess their decision. The transaction journey should be smooth sailing, allowing the customer to pay for goods or services without a second thought. Latpay can help you offer the peace of mind your customers need to shop with absolute confidence.

If you find that your payment service provider isn’t offering you the highest levels of data security and PCI compliance, it’s time to start shopping around.

Why choose Lateral Payment Solutions:

As a leading Payment and Merchant Service Provider in Australia, UK and Canada, Latpay offer superior fraud management capabilities and data tokenisation services to online businesses around the world.

With industry-leading technology, exceptional Level 1 PCI compliance and fraud management proficiencies, Latpay are proud to provide a truly complete payment solution for companies of all shapes and sizes.

Talk to us on 1800 865 224 to see how we can alleviate the hassles of security and compliance, so you can get back running your business.

Latpay Image For PCI Compliance

How Does your payment service provider tackle PCI compliance?

The Payment Card Industry Data Security Standard (PCI DSS) encompasses any business that takes payment via credit card, regardless of their size or industry, so it’s vital that you understand what protection your payment provider is offering and what they’re expecting you to tackle on your own.

While some providers may charge security and compliance as an additional service, most of us would expect that these come as part of your monthly fees, right? After all, they are the ones selling you the service, so should security and compliance not therefore be part and parcel of that service? Unfortunately, this isn’t always the case and it’s becoming more and more evident that some payment companies are profiting from this rather than helping you achieve the goal you set out to achieve when acquiring their services – growing your business.

Determining your PCI Compliance requirements

Regardless of whether you are a service provider, online retailer or brick and mortar store, the level of compliance for your business needs to be considered before you can truly understand what your requirements are and whether the additional costs are justified. If you’re handling, processing or storing cardholder data you will be required to meet compliance guidelines depending on how you process the payments.

The PCI Security Standards Council created 4 simple Self-Assessment Questionnaires (A, B, C & D) to help businesses validate the level of compliance they require, relating to whether your business does or does not handle, process or store credit card data. For instance, if your business takes credit cards via a hosted payment page like that offered via Latpay, you would only be required to complete SAQ A.

If, however, you take credit card payment and then store their information for quick future purchases, you’ll be required to complete SAQ D – the longest of the 4 containing around 250 PCI DSS requirements to adhere to.

To help you determine whether your provider is offering the services required by your business, let’s take a look at the top 5 things to look out for when acquiring a payment service provider:

Level 1 PCI Compliance
PCI compliance requirements change dependent on the size of your organisation and how many card transactions your process annually. Regardless of your business specifics, you should hope that your service provider is PCI DSS Level 1 certified, the highest possible level of compliance that can be achieved. This means that the responsibility of dealing with PCI can be shared with your provider, rather than worrying about it yourself in-house. It also gives you peace of mind that their systems consistently adhere to stringent guidelines associated with accepting, processing, storing and transmitting card information.

Secure Cloud Hosting
It’s fairly common knowledge that you shouldn’t be storing any credit card information to your website. For this reason, secure cloud hosting is one of the most infallible ways to securely house information away from your site, so make sure to check with your payment provider what methods they’re using for hosting. While you may have doubts about the security of storing sensitive data in the cloud, in reality it’s far more secure than physical system storage due to cloud providers’ dedication to the latest and greatest in security technology. Using global data centres with the highest standards for security and data privacy on the market, secure cloud hosting is reliable and resilient against a range of risks and threats and should definitely be included in your payment service provider SLA.

Secure Hosted Payment Page
If your business offers a hosted payment page for your customers, ensuring that page is secure is absolutely critical. This is due to the fact that all data sent over the internet is passed through any computer sitting between you and the end server, including credit card information. To mitigate the risk of a data breach, your payment provider should protect the page by encrypting this data with a Secure Socket Layer (SSL) certificate, allowing for a secure connection between device and server. Going the extra mile, your payment provider should be able to offer data tokenisation so that a customer need not re-enter their details each time they purchase online.

Data tokenisation
Data tokenisation is one of the most critical ways to safeguard your sensitive customer data and should be a must-have for your payment service provider.

Similar to the more commonly known process of encryption, tokenisation transforms important data like credit card details into a random set of characters that will be essentially useless in the hands of a cybercriminal.

This is due to the fact that, while the token signifies the original data, it uses a completely random method to be generated and therefore cannot be deciphered. Unlike encryption which uses a mathematical algorithm, a token can only be decrypted through what is known as a ‘token vault’ which houses the association between the data and the token. Further increasing information protection for your customers, the data housed in the token vault is then secured by way of encryption. With guaranteed security of any card data stored on servers, a token vault removes the hassle of data storage and enables descoping of customer data within the merchant landscape.

Fraud Management Services
What fraud management services is your current or prospective provider offering in your SLA? One of the very first things a good payment provider will do is conduct a tailored risk assessment based on your level of acceptable risk to determine how stringent your processes ought to be. As a standard, you should expect that every transaction is verified by a secure fraud management engine. You should also expect that there be some form of real-time fraud mitigation processes in place, complimented by a dedicated fraud management team to share information with you on fraudulent data and potential risks, as well as offline human analysis for increased comprehensive data security.

What should you do if your service provider isn’t making the cut?

If you find that your payment service provider isn’t offering you the highest levels of data security and PCI compliance, or is doing so at an additional cost, it’s time to start shopping around because you’re paying over the odds..

As a leading Payment and Merchant Service Provider in Australia, UK and Canada since 2001, Latpay offer superior fraud management capabilities and data tokenisation services to online businesses around the world.

With industry-leading technology, exceptional Level 1 PCI compliance and fraud management proficiencies, Latpay are proud to provide a truly complete payment solution to conventional and bespoke e-Commerce ventures for companies of all shapes and sizes.

Talk to us on +61 7 5502 6686 to see how we can alleviate the hassles of security and compliance, so you can get back to what you do best.

Latin America, Where Cash is King

Latin America has long been classified as an emerging market and with a total population of around 600M, the new business potential is obvious. Unquestionably the payments space continues to gather momentum within the Latin American markets but in doing so also presents challenges to international merchants actively targeting this region. As the areas covers around 25 countries, each local payment ecosystem will differ accordingly. It is therefore essential that merchants have a clear understanding on local purchasing habits which, if acted upon, will assist in transforming previously poor acceptance rates that, in the past, have been the bane of many a payments manager.

Local Payment Acceptance.

Put simply, indigenous payment methods are king, especially when it comes to fighting fraud. Local providers in comparison to the larger global payment operators will be able to offer enhanced customer validation by having access to local databases. Consequently, there are a multitude of local card and cash based e-commerce payment systems available across the continent that remain the automatic consumer preference at the point of checkout. Even though (for the moment at least) most credit cards issued by local banks aren’t enabled for cross border purchases, this is changing – Visa/Mastercard usage continues on an upward trajectory, albeit at a slow pace. As much as this trend is encouraging we must still remember that as many as 70% of the Latin American population still don’t have a bank account, therefore offering players viable alternative payment options remains key for any merchant or gaming operator that has designs on cracking these lucrative markets.

Lateral Payment Solutions can keep merchants ahead of the game via our single payment gateway integration.

A Lateral Approach to Enhanced Security and Flexibility

Lateral Payment Solution’s presence at ICE Totally Gaming once again reaffirms its longstanding position as the “one stop” Level One payment provider within the iGaming sector.
The last 12 months have seen many gaming operators face increasing challenges within the payment sphere, not least in the area of PCI compliance and specifically in the management and the storing of sensitive card data. High profile security breaches in recent months have reinforced the view that failure to have the correct systems in place can have disastrous consequences for an E-commerce business.

Ian Vidamour, Director at Lateral Payment Solutions said: “We fully understand that achieving the highest level of compliance is a costly and unwelcome distraction to many of our clients. Some feel that their expertise and resource should be more focussed on the core objective of increasing revenues. The Lateral Payment Solutions Data Tokenisation solution removes this storage burden and allows the de-scoping of the cardholder data within the merchant environment. This makes it easier to attain full PCI compliance, which is becoming a prerequisite to banks within the Lateral Payments Global Acquirer Platform.”

The Lateral Payments Global Acquirer Platform provides merchants with secure and certified connectivity to around 90 leading acquiring banks across 30 countries. This allows operators to seamlessly route transactions across multiple acquirers. Ian goes on to say: “The recent enhancement of our bank switching software has given clients even greater flexibility and more control within their payment processing infrastructure. Along with our extensive range of local payment options, we want to provide our clients with all the tools possible to succeed in a sector where deposit acceptance rates continue to be scrutinized.”

Lateral Payments was established in London back in 2001 to serve the complex and very specific payment processing requirements of the iGaming sector. Other services within their portfolio include Merchant Account set up, comprehensive Alternative Payment options such as E-Wallet and Prepaid systems as well as real-time KYC Verification. Connectivity to multiple pay-out solutions like Wire Transfers, SEPA, BACS, and Faster Payments are also available.
For more information on alternative payments, head over to our dedicated page here.

Maximising E-Commerce Payments via Mobile

Lateral Payment Solutions is pleased to announce the version 2 release of its cutting edge Mobile Optimised Payment Page.
This upgrade ties in with our promise to our merchant base to exploit the latest technologies which has led to a more refined page performance and enhanced user experience, all in line with recent PCI – DSS guidelines. Using smartphones to pay for goods and services has never been easier and this method comes with a multitude of advantages. Primarily, it gives customers a flexibility in being able to make purchases anywhere and anytime within a secure environment. Indeed, offering a mobile payment processing channel is a must for any retailer not least because it is cost effective and has a tendency to capture impulse buyers leading to increased sales.