|You, The Cardholder||The Business Owner||Banks (merchant accts)||Credit Card Vendors|
The overwhelming majority of credit card and identity data theft in the world today can be traced back to highly sensitive credit card and identity details being compromised when permanently stored online, in databases, storage systems, on networks and other types of similar systems.
Subsequently, astronomical amounts of money is spent each and every year in the continuing struggle, day after day, to protect permanently stored credit card details and highly confidential identity information from 'hackers' and 'cyber criminals' on the internet.
To the heartbreak of cardholders and online businesses all over the globe, 'hackers' and 'cyber criminals' are still managing to breach even the strongest of security defences ....
More than 100 million credit cards may have been compromised in data breach
Credit card breach exposes 40 million accounts
40M credit cards hacked
40 million credit cards exposed
Visa confirms another payment processor breach
Despite the well known and recognised risks the practice of permanently and electronically storing credit card details, transaction data and highly sensitive identity information online, in databases, storage devices and within networks remains a fundamental function of mostly all online credit card payment processing methods and many e-commerce websites still to this day. They can't do much about it as this is how the automated internet based card processing system has been designed from the beginning.
But the new e-Path payment gateway is different. Very different.
e-Path has been engineered to remove the need to permanently store highly sensitive credit card, transaction and identity details and subsequently is the first gateway of its type to terminate, by design, the core reason why critically sensitive credit card details and highly confidential identity information potentially becomes available to be compromised, hacked into, copied or stolen in the first place.
When you pay by credit card online using e-Path, not a single snippet of your highly private and sensitive credit card details, or any other details for that matter, will be permanently electronically stored online, in any database, in any storage appliance/device or on any network by the gateway. No names, no credit card numbers, no expiry dates, nothing is permanently electronically stored by e-Path. This, combined with the fact that e-Path creates a separate gateway system with its own unique encryption processes and secure URL for each and every gateway merchant means you are being protected by an entirely new level of security that has simply not existed before.
Once the official bank approved merchant account owner is in receipt of your credit card charge authorisation as far as e-Path and the internet is concerned it is as if that payment never occurred in the first place - nothing exists either online or on any network or in any database, storage appliance or within any electronic system of any type, shape or form with e-Path.
Not only that, once the charge is performed your credit card details will no longer even exist!!! In fact, e-Path is the only payment gateway that guarantees the merchant can ensure their own customers' credit card details do not exist anywhere, either electronically or otherwise, after the transaction is performed.
This extreme level of security separates e-Path from all other methods to accept credit cards online and it represents the ultimate ideal for the protection of all forms of critically confidential data in the age of the internet, not just highly sensitive credit card and identity details...
When highly sensitive credit card details do not exist they can't possibly be stolen!!
The business owner whose website you've just come from is clearly very serious about security. Their decision to utilise the e-Path credit card payment gateway is evidence they are not prepared to compromise on security or risk anything when it comes to protecting their own online customers.
|Quite independently from e-Path, your browser should be able confirm the secure e-Path gateway page is under SSL protection by the display of a padlock icon. Browsers have various ways of displaying this icon, some display the padlock at the bottom while some at the top within the address bar. If there is any doubt, see #2 to obtain direct confirmation from hte SSL issuer, THAWTE Inc.
|At the top of all secure e-Path gateway pages you can click on the THAWTE graphic to verify directly with THAWTE the validity of the e-Path THAWTE SSL. This provides the customer with direct SSL issuer confrmation of a correctly functioning SSL.
|McAfee™ is best known for their McAfee Secure trustmark and is a world leading provider of webserver security services including card vendor PCI (Payment Card Industry) compliance services.
The McAfee™ PCI Compliance program meets the requirements of Visa's CISP and AIS, MasterCard's SDP, American Express' DSS, DiscoverCard and JCB.
Our secure systems are physically located in the Macquarie Telecom datacentre in Sydney. Macquarie Telecom is the first telecommunications carrier in Australia to achieve Defence Signals Directorate Gateway Certification, conforming to ASCI-33 and the PSM (Protective Security Manual). ISO 9001:2000, PCI DSS Certification and SAI Global - ISO 27001:2005 are amongst other high level accreditations that combine to establish Macquarie Telecom as being recognised as Australia's most highly security accredited datacentre.
The above graphic is an actual screen capture of part of e-Path's McAfee™ PCI DSS auditing program control panel
What some people say ..."[e-Path] An ingenuously simple and logical approach with the potential to ease a little pressure on the credit industry as they continue the struggle to close security vulnerabilities with card based live transactions over the internet."
David Taylor - Commerce Tomorrow (Monthly Publication)
""[e-Path] sacrifices the convenience of instant internet based transaction processing for the sake of improved security and control. Granted, they [e-Path] do this well but I for one will not be going to a manual system."
Claire McKinley - Enterprise Commercial Quarterly
"We all know high strength 2,048 bit asymmetric cryptography is unbreakable. What is unique is how they [e-Path] have designed their relatively simple non-processing online credit card handling service around it. Clever."
'Professor Byte' - Willmington e-Commerce Advisory Committee
"This [e-Path] is not a new direction at all ... it simply sends us back to basics which as e-Path has identified can reduce online risk significantly ... reduced risk could see merchant services providers re-think their tough approach towards the entry level virtual business market."
S. Johnston Jnr - Smith, Johnston and Boverich. Strategic Financials.
"You simply can not get a better way to protect credit card information on the internet than for it not to exist on the internet. E-Path delivers what is shaping up to be an almost annoyingly commonsensical solution to the problem of online credit card data security."
Damien Croft - CEO, ComCron
"This new manual gateway from the Australia company, e-Path Pty Ltd, will only appeal to those likely to be doing small numbers of transactions per day and as such can not be considered a mainstream alternative to current live online processors. Reverting back to manual processes means reduced productivity for most businesses. But talk security and I concede e-Path has raised the bar to an impressive height, no doubt about that."
Samantha Goldburg - The Online Merchant
""Their non-permanent storage of card holder data nails a previously unattainable goal for online credit card handlers ... a major achievement that should delight the card provider companies .... but looking under the skin they [e-Path} appear to be little more than an online fax machine on cryptographic steroids."
Simon Metcalf - ComZone UK
"Businesses have been cursing the cost of fraud ever since we were able to process payments online. E-Path looks like the first genuine attempt by a payment gateway to improve security by design .... even though it [e-Path] takes you back to handling processes manually their approach has merit."
Mary Merrywhether - Article 'Risks in Business'
"A proper online payment processor, no. An easier and safer solution for the smaller e-merchant, quite possibly."
Max Minyarno - Financial Services Manager
"E-Path is no big deal. They have simply identified what causes risk and gone about trying to eliminate it. Bright sparks change the world for the better all the time, like I said, no big deal."
Shane Williams - MacSpeak 2007.
"I can't see much point in this new [e-Path] service. Where's the automation? Ok, so its good news in the security department, but having to process manually offline is not going to see everyone rushing to change their card accepting method. It will suit some but certainly not the majority. Nice idea, but not for me."
Trevor - ZNet feedback
"Just my 2c worth. I did this like a year ago. I use e-path. For a full year I have not recorded one single fraud transaction into my merchant account because I can SEE AND IDENTIFY them when I receive them. I will never go back to the 'dark ages' of Russian roulette with an expensive real time gateway and all those charge backs. No way man.."
'TrueBlue' - Contributing comment on Payment Gateways & Merchant Accounts - e-Commerce Talk
"The average business is fed up with money being taken out of their account [by their bank] because the online transaction done last month through their online processing gateway now suddenly turns out was fraudulent. I think doing things manually offline has some real advantages."
'John' - Contributing comment on Payment Gateways & Merchant Accounts - e-Commerce Talk