Credit Card Processing, Security and PCI Compliance

TransArmor Security

by Ben Dwyer

Also now called Clover Security, TransArmor is a suite of anti-fraud tools available from credit card processor Fiserv (formerly First Data.)

Note: TransArmor was originally developed and offered by First Data, who has since been acquired by Fiserv. TransArmor is still available under that name, but is now considered an offering from Fiserv.

Owning a business is complicated and it can be difficult to completely protect yourself from data breaches. Whether you have store and distribution center locations that number in the hundreds with tens of thousands of employees or run a two-man shop, constant vigilance over access points and sensitive data is a continuous, ever-changing security obstacle. This places greater burden on businesses who invest painful amounts of money into PCI compliance, yet still remain vulnerable to data breaches.

Chances are you don’t have the time to become an expert in security or payment technologies. You’re busy trying to understand customer needs so you can deliver the right goods successfully and efficiently: hopefully at a profit. So if you’re a Fiserv customer, you may be wondering if the TransArmor security solution is right for you or if it’s a waste of money.


What is TransArmor?

TransArmor / Clover Security is a suite of security tools available to all Fiserv customers, including those businesses who use Fiserv through a reseller, or “ISO.” Fiserv, through its acquisition of First Data, became one of the largest credit card processors in the world, and many smaller companies resell its services. If you’re not sure if you’re eligible, ask the company you use for credit card processing.

The TransArmor security solution helps mitigate many traditional risks by using security technology like encryption and tokenization. It also includes a liability waiver of up to $100,000 for costs associated with a data breach should you have one.

How does it work?

TransArmor is a dual-layered system that features both encryption and random-number tokenization. Developed jointly with its security partner RSA, TransArmor removes sensitive cardholder information from your network by replacing the card data with a pair of random numeric tokens. (These same token values can be used for subsequent transactions such as loyalty programs and returns.)

The chief advantage of that is you’ll only hold encrypted token(s), not sensitive card information. So if your database (or mobile device used to take the payment) is the target of a hacker or is physically stolen, there is no customer card numbers or other payment information archived. The hacker or thief will get only meaningless tokens.

Who is TransArmor good for?

If you have significant amounts of monthly credit card sales or perform a lot of payment transactions out in the field, you could see some distinct advantages in TransArmor, as this heightened security essentially “transfers” a great deal of liability for a breach “up the line” to your bank and/or Fiserv. You may even be able to drop your data breach insurance – especially if the coverage premiums exceed the Trans Armor subscription rates.

Note that Fiserv clients are generally enrolled in TransArmor by default. CardFellow clients can be exempted from TransArmor enrollment.

How much does it cost?

TransArmor as an add-on to your processing usually costs $14.95 – $19.95 per month. That’s in addition to any other monthly fees and to the costs of processing, which can be set by Fiserv (if you have a direct account) or an ISO (reseller.)

Fiserv and its resellers set pricing for processing on a per-business basis. If you want to get a fully-disclosed quote, you can use our free quote request tool.

CardFellow clients can be exempted from “forced bundling” of TransArmor when choosing a quote through the CardFellow system.

I don’t want TransArmor. How do I cancel it?

The method to cancel TransArmor depends on your specific situation.

If you have a direct account with Fiserv…
Those who wish to opt out of TransArmor must call Fiserv to do so. Just sending an email will not suffice. When you call, make sure to get the customer representative’s name and identifying number as there is no guarantee the company will confirm your cancellation via email. Check your processing statements to verify cancellation. You may find that you need to contact Fiserv multiple times to ensure your request is handled.

If you have an account with an ISO/reseller of Fiserv processing…
If you wish to opt-out of TransArmor that is bundled into your processing account with your bank or a processing company, get in touch with your processing representative. Check your processing statements to verify cancellation.

If you have an account with CardFellow…
If you’ve been charged for TransArmor and don’t wish to use it, give us a call or send us an email. We’ll resolve it for you.

TransArmor and Clover POS Systems
Clover POS systems are an exception to the opt-out for TransArmor. If you use a Clover Station, Fiserv requires you to use TransArmor / Clover Security.

Best Practices for Security

Though TransArmor can alleviate anxieties regarding customer data safeguards, remove concerns about card data storage, and help counter rising PCI compliance costs, it is no security “silver bullet.” Data protection is a multifaceted process that involves not only IT and database systems, but the people using them. A comprehensive program is only as strong as its weakest link, and evolves over time.

Today’s payment security solutions like TransArmor – and future leading-edge data security products – work best with traditional “common sense” best practices to dramatically reduce or eliminate data breach risk.

  • Use a combination of fraud protection and security software.
  • Create complex alpha/numeric passwords, and change them frequently (or immediately when an employee quits.)
  • Keep equipment secure and change door locks when keyholder employees quit.
  • Store sensitive paper documents securely in locked file cabinets or other secure areas that are inaccessible to unauthorized employees.
  • Closely study the security practices of your outsourced service partners; such as payroll, web hosting, CSR, and other back-office providers.
  • Establish, regularly review, and modify, specific procedures to help prevent a breach.

See also: Is data breach insurance worth it?

Leave a Comment

Your email address will not be published. Required fields are marked *

Credit Card Processing exposed

Use the secrets that credit card processors don't want
you to know to drastically lower your credit card
processing fees.

Read Now!
 

You might also like…

View all articles..