3rd Party Credit Card: 3rd Party Credit Card Processing Security Issues

Some merchants believe that 3rd party credit card processing has many security
holes. This is totally untrue. Even if there are security holes in 3rd party
credit card processors, there can be no more than in usual credit card processing
systems. The reason for that is because a 3rd party credit card processor in
fact acts like a normal credit card processor using the same security system.
The only difference is that there are two gateways involved in 3rd party credit
card processing. One gateway from the 3rd party merchant to the 3rd party credit
card processor, and the other one from the 3rd party credit card processor (acting
as a normal credit card processor, at this stage, between the bank and itself)
to the bank.

3rd party credit card processing uses the SSL encryption system to pass transaction
data. The SSL, an acronym for Secure Socket Layer, security system prevents
the transmitted data to be read (or 'spoofed' in card theft slang)
and/or modified. 3rd party credit card processors, as any users of this system,
have SSL certificates, or keys. These certificates act as net-passports or ID-cards.

WARNING: NEVER trust a 3rd party credit card processor that has no SSL certificate!

When clients enter transaction and personal information (like names, credit
card numbers, passwords, etc.) the SSL engine integration encrypts all the data,
using the SSL unique certificate as a modifier and key. This data is transmitted
to the 3rd party credit card processor (still encrypted). There it is decrypted;
encrypted again, using the 3rd party credit card processor service SSL certificate
as a new key, and the encrypted data is passed on to the bank, where it gets
decrypted and the transaction gets processed.

Some 3rd party credit card processing service providers store the transaction
information for you and ONLY you to make use of. But more often statistical
information is passed to your 3rd party credit card processor account from the
bank.

As you can see, there is absolutely no reason to mistrust 3rd party credit
card processing companies if they are incorporated with SSL security technology.
You can implement extra safety features to be extra sure, and make your clients
feel secure and comfortable while shopping online. Such features as password
controlled transaction information submission, image generated security codes,
and even a small credit card safety guideline for your customers might just
make a bigger difference than you think.