While corporate (B2B) credit card programs are forecasted to grow 85% by 2018, it’s surprising that less than 15% of B2B organizations accept credit card payments. Sure, B2B card transaction costs – interchange and processing fees – were valid deterrents in the past; but it’s a whole new digitized, consumerized, real-time world today. Simply: if you do not accept credit card payments, your customers may switch to a supplier that does. Download this eBook to learn more
In the digital world, B2B transactions are constantly changing. The manner in which transactions are initiated and conducted have to improve as the pace of business moves faster every day.
Data security is top of mind for every business, particularly for those that handle financial information. With over 10 years of experience in financial services, VersaPay understands data protection regulations and meets the highest security standards. VersaPay’s compliance, internal practices, data centers, and security monitoring is best-in-class to ensure your customer and financial information is protected in a secure environment.
VersaPay is audited annually and continually abides by comprehensive security assessments and certifications by third-parties to ensure we meet the highest standards as a certified security partner.
The Payment Card Industry Data Security Standard (PCI DSS) is a set of security standards designed to ensure that all companies that accept, process, store or transmit credit card information maintain a secure environment.
The PCI DSS designates four levels of compliance based on transaction volume. VersaPay is certified as compliant under PCI DSS version 3.1 at Service Provider Level 1 (the highest volume of transactions – more than 6 million a year).
VersaPay completes an annual PCI DSS assessment using an approved Qualified Security Assessor (QSA). The auditor reviews VersaPay’s Information Security System, which includes validating the infrastructure, development, operations, management, support, and in-scope services.
Also known as SSAE 16 / ISAE 3402 / CSAE 3416, Service Organization Controls (SOC) 1 is a series of accounting reports undertaken by a service auditor to evaluate the internal controls at a service organization when they are likely to be relevant to customers’ internal control over financial reporting. VersaPay is recognized as a SOC 1 service provider.
The SOC 2 audit is an independent review of an organization’s controls, providing a definitive security assurance to help IT teams evaluate managed service providers. SOC2 allows service organizations to quantify their adherence to the Trust Service Principles (TSP) relevant to Security, Availability, Processing Integrity, Confidentiality or Privacy.
VersaPay’s services are hosted in top-tier data centers that provide carrier-level support. Support spans across different areas of security to ensure all considerations for your data protection are covered. Click below to learn more:
Physical security of the data center is protected with 24/7 manned security (foot patrols and perimeter inspections), video surveillance, biometric scanning for access, concrete-walled data center room, access-controlled steel-caged computing equipment and tracking of asset removal. The physical facility is protected from environmental risks and is engineered for local, seismic, storm and flood risks.
Humidity and temperature control and redundant (N+1) cooling system ensure data centers are physically optimal and that your data is protected from environmental threats.
Data centers are powered by an underground utility power feed. Redundancy is in place to ensure power with redundant (N+1) CPS/ UPS systems, redundant power distribution units (PDUs), and redundant (N+1) diesel generators with on-site diesel fuel storage.
VersaPay’s data centers are network neutral connecting to all major carriers and located near major Internet hubs. Data centers have concrete vaults for fiber entry, redundant internal networks, and high bandwidth capacity, ensuring your data is always available.
Data centers are protected from the risk of fire with VESDA (Very Early Smoke Detection Apparatus). In the event of a fire, your data is protected with dual-alarmed, dual-interlock, multi-zone, pre-action dry pipe water-based, fire suppression.
Using Extended Validation (EV), connection to VersaPay ARC is armed via TLS cryptographic protocols to ensure users have a secure connection from their browsers to VersaPay’s service. A unique token is created at login, allowing individual user sessions to be identified and re-verified with each transaction.
Firewalls and edge routers block unused protocols while internal firewalls segregate traffic between application and database tiers. The internal network is armed with intrusion detection sensors to alert, log and report security events.
In addition to our disaster-recovery capabilities, customer data is also backed up to external storage in a separate data center. Storage media is not transported off site from this data center, reducing the risk of loss.
All customer data is stored in secure data centers and is replicated over secure links to a disaster recovery data center. This design provides the ability to rapidly restore the VersaPay ARC service in the case of a catastrophic loss.
VersaPay tests all code for security vulnerabilities before release and regularly scans our network and systems for vulnerabilities. Third-party assessments conducted regularly include:
With 24/7 security monitoring, VersaPay identifies and manages threats with real-time notifications from various sources and alerts from internal systems.
VersaPay has privacy and security-conscious policies that apply to all our employees to ensure the protection of data in our information handling practices.
VersaPay’s contracts include confidentiality provisions that prohibit us from disclosing customer confidential information, including customer data, except under certain narrowly defined circumstances, such as when required by law.
Every VersaPay employee and contractor undergoes criminal background checks, signs confidentiality agreements, and follows our information security policies.
For information collected on the VersaPay ARC™ cloud-based platform, VersaPay provides assurances around the types of information collected, as well as how that information may be used and shared.
VersaPay offers individuals the opportunity to manage their receipt of marketing and other non-transactional communications and notifications.
Looking for more insights, tips, and general information on accounts receivable automation? Check out the links below.
Accelerate your customers’ transition to online invoicing with express user adoption ...
Learn More »
With the right team, experience and technology, we have what it takes to make your project a reality with minimal IT investment ...
Grow your business with secure online payment solutions that integrate seamlessly with your infrastructure. Appetite for online payment is growing as more companies look into moving their business processes...
Do you like the sound of getting get paid faster and improving customer satisfaction? If so, you’re ready for accounts receivable automation.
Connect with us to enable a secure, self-service platform for your staff and customers to future-proof your business for the online world, before your competition does: