Zenith Visa Web Acquiring A quick over view. Web Acquiring Allows merchants to receive payments for...
-
Upload
yvette-castel -
Category
Documents
-
view
234 -
download
0
Transcript of Zenith Visa Web Acquiring A quick over view. Web Acquiring Allows merchants to receive payments for...
Web Acquiring
• Allows merchants to receive payments for goods and services through the Internet
• Allows customers to purchase goods and services using Visa and Zenith Proprietary Cards
• Transactions done in a secure manner
Security Is Foremost
• Card not present transactions account for 10% of fraud losses
• Hackers often breach poorly secured websites to obtain stored card holder information
• Proper handling of card holder information entails unnecessary development/security costs
Security is Foremost
• Card Service companies response to security vulnerabilities was the PCI-DSS standard
• PCI-DSS: Payment Card Industry Data Security Standard
• A set of rules for handling card holder data
Security is Foremost
• PCI-DSS can be costly to implement and certify• Adds to development time• Holding card holder information makes your
systems a target
Our Solution
• Zenith Web Acquiring System handles all card holder information
• Secured against attacks• Takes away the need to develop payment
interface• Implements the Verified By Visa 3D secure
System
Merchant Web Application Requirements Checklist
• Company’s products/services are described on the website
• Each product/service page includes a full description of the product/service as well as the price of the item (in Ghana Cedis)
• Website visitors are able to select products/services they desire
• The web application stores each product/service the visitors click on
• The web application provides a summary to visitors describing:
• The products/services they have selected• The total amount billable to the client (including
taxes and/or customs related charges)• The optional ability to remove products/services
from the list of billable items
Optional Components:• For products that require delivery, a list of delivery
options and associate prices and charges.
Verified By Visa
• A new system introduced by Visa to mitigate stolen credit card attacks
• Allows card holder to secure their card with a password
• Protects the merchant from certain charge-backs
Steps in detail
• Step 1 Shopper browses at a merchant site, selects items, and then finalizes the purchase.
• Step 2 The Web Acquiring Server sends the card holder information to the Visa Directory Server.
• Step 3 The Visa Directory Server queries the appropriate card holders Issuing Bank's Access Control Server (ACS)
Steps in detail (cont’d)
• Step 4 The ACS responds to the Visa Directory, indicating whether authentication
• Step 5 The Visa Directory Server forwards the ACS response (or its own) to the Web Acquiring Server.
• Step 6 The Web Acquiring Server sends a payment information to the ACS via the shopper’s device.
Steps in detail (cont’d)
• Step 7 The ACS receives the payment information
• Step 8 The ACS either authenticates the shopper by using processes applicable to the card number (password, chip, PIN, etc.)
• Step 9 The ACS returns an authentication response to the Web Acquiring Server via the shopper’s device.
Steps in detail (cont’d)
• Step 10 and 11 The Web Acquiring Server receives the authentication response validates it
• Step 12 If appropriate, the Web Acquiring Server proceeds with the authorization
Our Integration Process
• We will provide the merchant with a start up kit
• Kit contains– Package to customise the payment page– Implementation of payment interface in
programming language of the merchants choice– Example pages
Our Integration Process
• Zenith IT Security staff will review the merchants site hosting infrastructure
• Zenith Web Programming staff will assist merchants IT team to integrate payment pages
• Test account setup on test server• UAT test carried out to certify merchant
integration is successful