We use the card PAN (the first six and last three card digits) and merchant generated reference numbers (such as order ID#) as our master reference, to ensure that customer's details are kept anonymous and therefore as secure as possible.
Unlike other payment systems, Merchant Protect authenticates transactions on an anonymous basis. It does not require disclosure of personally identifiable information (PII) by customers, and thus does not store who the customers are, or any of their PII details. Reference is by Merchant and Order number, eliminating any risk of hacking of databases or Merchant's confidential customer details being shared with other parties. There is also no requirement for advance sign up for customers, as the system relies upon the cardholders already existing telephone or internet banking, and the customer identifying themselves in the their normal way to their bank. We make the assumption that if a cardholder can correctly return to us the randomly generated debit and the balancing debit (which balances to the agreed transaction or sale total amount), then the transaction is bona fide and authenticated.
We also monitor PAN's and their velocities, which in turn may act as a trigger if we see the same PAN active across several sites or for cumulative high spend values or number of overall transaction attempts.
Online security and privacy is our business and we comply with the Australian Government's Privacy requirements.
When You browse the company's website or follow links to authenticate, Merchant Protect collects information regarding the domain and host from which You access the Internet, the Internet Protocol address of the computer or Internet Service Provider You are using, your device serial number(if available) and anonymous site statistical data.
Information collected while You are browsing our website may be used to analyze trends, administer the website, improve site performance, gather broad demographic information, and for security purposes. Information collected during authentication may be presented to the merchant with whom You originally transacted and financial institutions in order to validate transactions.
This data may be shared and matched by us and the merchant with whom you originated your transaction in order to settle any disputed or queried transactions with your financial institution or for legal action in the case of suspected fraud. Data may be shared without notice to law enforcement agencies at any time where fraudulent activity is suspected. At no time do we store your credit card details or other PII.
© 2011-2013 iSignthis Ltd. All rights reserved. Merchant Protect and iSignthis are registered trademarks of iSignthis Ltd. iSignthis Ltd. | Patent applications pending/granted in Africa, Australia, Asia, America's, Europe and Oceania. International WIPO Patent Application No : PCT/AU2011/000377.