Security

All critical security aspects have been addressed and ensured in the development and deployment of the TranLogix's payment engine. The three most important components to security are:

  1. Physical Security, which represents the security of the physical network on which the payment engine resides;
  2. Hardware Security, which represents the protection provided by firewalls and intrusion detectors that prevent hackers from breaking into the network;
  3. Software Security, which represents the data encryption methods and access controls provided by the software modules.

more » TranLogix has been certified in all three areas and is currently receiving its CISP certification which holds it to the highest standards of credit/debit card processing.

Physical Security

The payment engine is hosted on a network located in a data center managed by Savvis Communications, Inc. ("Savvis") in Weehawken, N.J. The Savvis data center provides the infrastructure necessary to maintain our servers up and running securely 24/7. The data center is custom designed with raised floors, HVAC temperature control systems with separate cooling zones, and seismically braced racks. It also has state-of-the-art smoke detection and fire suppression systems, motion sensors, and 24/7 secured biometric access controls, as well as video camera surveillance and security breach alarms. Savvis delivers highly reliable connectivity and service through a number of redundant subsystems, such as multiple fiber trunks coming into the data center from multiple sources, fully redundant power on the premises, and multiple backup generators.

Hardware Security

The TranLogix's network at Savvis is designed to be secure at every layer with a configuration that makes it extremely difficult to penetrate lower layers where the critical software and data reside. Highlights of the network are:
  • Multiple web servers clustered to provide one virtual web server in a demilitarized zone ("DMZ"), created using a three-stage firewall. The first firewall allows traffic to flow to only the web servers in the safe zone, while the second and third firewalls allows traffic to the application and database servers respectively only if it had originated in the safe zone;
  • Multiple application servers clustered to provide acceptable throughput behind the second firewall;
  • Multiple clustered database servers with replication facilities for data synchronization;
  • Intrusion detection and prevention (IDP) to analyze traffic on the public and private network to take pre-emptive action if any "dangerous" traffic patterns are detected;
  • Active log analyzers to scan log files in real-time and raise an alarm if any suspicious activity is detected;
  • Virus scanners to constantly monitor for viruses;
  • Firewalls, routers and load balancers at every layer to filter, route and distribute traffic, all of which are essential components of a high performance, robust and secure network.

Software Security

Software security refers to security features built into the software architecture to create a secure and scaleable payment engine. The software has the following security features:

  • Access to system functions is controlled by complex ID and password;
  • Access to software modules is controlled by Access Tokens, which typically have a life of only 15 minutes, and are dynamically assigned to a user at the time of login. These tokens are known only to the software and change every time a user logs in. Since any request for screens/data coming from the PC must have this token, it is impossible for hackers to generate their own scripts to access our software modules or database;
  • Users are automatically logged out if no activity is detected for 15 minutes;
  • Critical data — bank information, telephone number, last four digits of a customer's SSN — are encrypted before they are stored in the database, which means that the data is useless without the decryption key;
  • All financial and other sensitive data is transmitted only over secure links using the SSL (Secure Socket Layer) protocol;
  • Fraud screening is performed using Experian CheckPoint to verify the identity of users at the time of transactions;
  • Consumer accounts are assigned limits that restrict the amount that can be spent on a single purchase, and the total amount that can be spent in a day or a week;
  • Email notification when any transaction is processed;
  • Extensive audit trails are maintained of all transactions and log changes, which allow the reconstruction of any sequence of actions that led to a particular transaction in case of errors, human or otherwise;
  • VeriSign® Certified

Read More About Our Technology.

Processing

Our processing engine handles each transaction as a whole.

Redundancy

Our platform is based on a fully redundant hardware set.

Terminal Solutions

Multi-function, multi-use terminals at no incremental costs to retailers.