Our Blog

Connect with us on LinkedIn

Tuesday, 24 May 2011

Conferma: The virtual world of Conferma

It seems that every day a new technology appears on the horizon with new functions and capabilities. The ever excited media is all too keen to report that this new technology is going to revolutionise the way we live.

Since the birth of the internet business has recognised its potential to create new markets and generate money. But, many early attempts at creating online businesses were restricted as the internet and its associated technologies were simply to slow – regardless of the potential. This led to the dot-com bubble as investors invested in projects that the technology couldn’t deliver.

Perhaps the most notable example of this was Boo.com an online fashion retailer in the early-mid nineties. They stretched the technology too far and their resultant collapse was symptomatic of the dot-com bubble - plenty of potential but not enough technology. However, as the internet developed and its capability improved the world became ever more reliant on this new virtual world.

Yet the emergence of one new piece of payment technology has gone largely unnoticed, virtual credit cards. Virtual credit cards operate in the same way as a normal card with the exception that no physical card is produced; they are issued dynamically for single purchasing events and are inherently secure.

In the virtual world the virtual card is coming to the fore. Enabling transactions and helping to realise the potential that so many saw in those early dot-com start-ups. They are easier to use and manage whilst offering increased flexibility and peace of mind. Essentially, virtual cards unlock revenue and create the flows of money many predicted.

Conferma has worked hard to build a network of financial partners capable of delivering virtual cards into the purchasing of corporate travel and expense (T&E). This growing network is; creating new efficiencies in existing purchasing processes, winning new business and creating new markets. Furthermore, Conferma’s settlement and reconciliation technology is superseding the traditional T&E billback process.

Conferma call this solution CSP (Conferma Settlement Platform) and it is rapidly gaining recognition within the world of corporate T&E.

Conferma and others within the payments industry have long recognised the potential of virtual cards. Conferma are using this technology to create new web-pay solutions that extend beyond corporate T&E into other B2B related purchasing categories. Anywhere, where there are; high-volume, mid-value transactions Conferma’s virtual cards can be deployed. Using Conferma’s technology does much more than traditional paper-based purchasing processes. It allows for data to be captured, processed and transmitted in a way that was not previously possible.

Ultimately, Conferma’s virtual credit card technology will give freedom of choice and transaction security in the virtual world.

Wednesday, 4 May 2011

Conferma: The I.T. Jungle

Recent high profile cyber attacks and security breaches for companies such as Sony have again brought the issue of PCI compliance into sharp focus. The attack on Sony proves that even the most I.T. savvy company can fall victim to a cyber attack.

For many industry commentators, Sony merely represents a growing list of companies who are victims of the I.T. jungle. Criminal gangs, terrorist organisations and hackers stalk companies looking for the slightest gap in security, a blind-spot, an open door or simple negligence. To then hack and steal personal and credit card data from unwary and ill-prepared companies.

When we consider the business travel industry we can see that the risks are high, how many TMCs photocopy and fax card data around the world to hotels, exhibition centres and alike? Relying on the honesty of their staff and the person receiving the fax for security! Or even worse store card data within their own systems.

Many TMCs and HBAs within the industry struggle to get to grips with PCI compliance and its implications. How much will it cost to implement? What do I need to do? Where do we begin? Achieving conformance is not simple and takes time to get right and maintain. So for small, medium and even large companies meeting the required standards can be problematic and expensive.

Basically, PCI standards have twelve points of compliance categorised into six groups. This sounds simple enough but there are roughly two hundred and fifty controls to be put in place, depending on the level of security you require. And the level of protection required is determined by the number of credit card transactions processed each year. Each of the two hundred and fifty controls can be verified in up to four times and may require up to four pieces of evidence to prove you meet PCI standards.

The costs of PCI accreditation for even a small TMC or HBA can run into thousands of pounds and for a large multi-national corporation it can be hundreds of thousands of pounds. However, doing nothing is not an option as MasterCard and Visa will fine breached companies for non-compliance. These fines reflect the scale and number of breaches and the size of the company. This ensures that conforming is the cheaper option.

In 2009 MasterCard* published their fines for non-compliance and these are steep. Fines can reach two hundred thousand dollars (US) for failing to meet the required standards with a charge of between ninety and three hundred dollars** per credit card record stolen. This doesn’t include the resultant legal action from your customers and damage to your company’s reputation. Put simply, for many companies within the industry, this is an issue of comply or die.

So with the costs of complying and the time it takes clearly overshadowed by the expense of a security breach where do you go for help. The answer is Conferma.

Conferma reduce the scope of your compliance requirements by taking the need to hold, process and transmit card data out of your company but not your control. In the modern I.T. jungle Conferma is the game keeper providing expertise and protection whilst saving both time and money.

** Basics for PCI compliance