Krengel Adopts Tokens in Credit Card Transaction Software
August 20, 2013 Alex Woodie
Krengel Technology recently updated its card authorization software to use a token-based approach to accessing sensitive card data. This approach helps Krengel Credit customers avoid the strictest PCI requirements by offloading the storage of sensitive data from its customers’ IBM i servers to Cybersource, the company that processes transactions for Krengel Credit customers.
For many businesses, the capability to process credit card transactions is an absolute necessity, especially compared to the hassle of handling cash or checks. However, the PCI rules that govern the handling of credit card data are getting stricter every year, and complying with the rules is eating up a big chunk of the IT budget pie.
This is leading some merchants to adopt payment systems that do not require them to store customers’ credit card data on their own servers. Instead, merchants store unique tokens that they use to pull up their customers’ billing data, which is stored on the solution provider’s systems. This approach not only lessens the scope and costs of their own PCI compliance requirements, but it improves the security of their systems.
This is the approach that Krengel is taking with Krengel Credit, which is a set of RPG service programs that enable IBM i shops to utilize the Cybersource transaction processing network.
With the new offering, Krengel is giving IBM i shops the capability to store sensitive information about their own customers on Cybersource systems, using subscriptions. The information in the Cybersource subscription can include a customer’s name, credit card numbers, billing addresses, email addresses, phone numbers, customer numbers, and just about any other metadata that may come in handy.
When the IBM i shop wants to charge a customer’s credit card, they submit the correct subscription ID, or a token, to Cybersource, and Cybersource processes the transaction, on either an as-needed or recurring basis. Krengel Credit users have full authority to create, updated, retrieve, and delete the subscriptions as needed, and can create subscriptions from any payment processed through Cybersource for up to 60 days.
Krengel Technology’s Adam Taylor explains the significance compared to previous methods of payment processing. “Basically, the difference is that, instead of having to submit the billing information and credit card number on every transaction, you can take advantage of Cybersource’s ability to store that information,” he tells IT Jungle via email.
“This means you can avoid storing that sensitive information on your system, and can allow for faster billing processes by using this as an alternative to needing the customer to submit their payment info repeatedly,” Taylor continues. “This really shines in instances of subscription billing, but in general makes the whole billing process much faster, easier, and more secure.”
Krengel continues to offer two versions of Krengel Credit, which the company sed to sell as a plug-in to its RPG-XML suite, but which is now a stand-alone product. The first version supports the main Cybersource network, while the second version supports Authorize.Net, a separate network that is also owned by Cybersource, which is owned by Visa.
For more information, see www.krengeltech.com.