First Data’s TransArmor Security
Owning a business is complicated and it can be difficult to completely protect yourself from data breaches. Whether you have store and distribution center locations that number in the hundreds with tens of thousands of employees or run a two-man shop, constant vigilance over access points and sensitive data is a continuous, ever-changing security obstacle. This places greater burden on businesses who invest painful amounts of money into PCI compliance, yet still remain vulnerable to data breaches.
Chances are you don’t have the time to become an expert in security or payment technologies. You’re busy trying to understand customer needs so you can deliver the right goods successfully and efficiently: hopefully at a profit. So if you’re a First Data customer, you may be wondering if the TransArmor security solution is right for you, or a waste of money.
- What is TransArmor?
- How does it work?
- Who is TransArmor good for?
- How much does it cost?
- I don’t want TransArmor. How do I cancel it?
- Best Practices for Security
What is TransArmor?
TransArmor is a suite of security tools available to all First Data customers, including those businesses who use First Data through a reseller, or “ISO.” First Data is one of the largest credit card processors in the world, and many smaller companies resell First Data services. If you're not sure if you're eligible, ask the company you use for credit card processing.
First Data’s TransArmor security solution helps mitigate many traditional risks by using security technology like encryption and tokenization. It also includes a liability waiver of up to $100,000 for costs associated with a data breach should you have one.
How does it work?
TransArmor is a dual-layered system that features both encryption and random-number tokenization. Developed jointly with its security partner RSA, TransArmor removes sensitive cardholder information from your network by replacing the card data with a pair of random numeric tokens. (These same token values can be used for subsequent transactions such as loyalty programs and returns.)
The chief advantage of that is you’ll only hold encrypted token(s), not sensitive card information. So if your database (or mobile device used to take the payment) is the target of a hacker or is physically stolen, there is no customer card numbers or other payment information archived. The hacker or thief will get only meaningless tokens.
Who is TransArmor good for?
If you have significant amounts of monthly credit card sales or perform a lot of payment transactions out in the field, you could see some distinct advantages in TransArmor, as this heightened security essentially "transfers" a great deal of liability for a breach "up the line” to your bank and/or First Data. You may even be able to drop your data breach insurance – especially if the coverage premiums exceed the Trans Armor subscription rates.
Note that First Data clients are generally enrolled in TransArmor by default. CardFellow clients can be exempted from TransArmor enrollment.
How much does it cost?
TransArmor as an add-on to your processing usually costs $14.95 - $19.95 per month. That’s in addition to any other monthly fees and to the costs of processing, which can be set by First Data (if you have a direct account) or an ISO (reseller.)
First Data and its resellers set pricing for processing on a per-business basis. If you want to get a fully-disclosed and compelling quote from First Data, you can use our free quote request tool.
CardFellow clients can be exempted from “forced bundling” of TransArmor when choosing a quote through the CardFellow system.
I don’t want TransArmor. How do I cancel it?
The method to cancel TransArmor depends on your specific situation.
If you have a direct account with First Data…
Those who wish to opt out of TransArmor must call First Data to do so. Just sending an email will not suffice. When you call, make sure to get the customer representative’s name and identifying number as there is no guarantee First Data will confirm your cancellation via email. Check your processing statements to verify cancellation. You may find that you need to contact First Data multiple times to ensure your request is handled.
If you have an account with an ISO/reseller of First Data processing…
If you wish to opt-out of TransArmor that is bundled into your processing account with your bank or a processing company, get in touch with your processing representative. Check your processing statements to verify cancellation.
If you have an account with CardFellow…
If you’ve been charged for TransArmor and don’t wish to use it, give us a call or send us an email. We’ll get the issue resolved for you.
TransArmor and Clover POS Systems
Clover POS systems are an exception to the opt-out for TransArmor. If you use a Clover Station, you’re required to use TransArmor.
Best Practices for Security
Though TransArmor can alleviate anxieties regarding customer data safeguards, remove concerns about card data storage, and help counter rising PCI compliance costs, it is no security “silver bullet.” Data protection is a multifaceted process that involves not only IT and database systems, but the people using them. A comprehensive program is only as strong as its weakest link, and evolves over time.
Today’s payment security solutions like TransArmor – and future leading-edge data security products – work best with traditional “common sense” best practices to dramatically reduce or eliminate data breach risk.
- Use a combination of fraud protection and security software.
- Create complex alpha/numeric passwords, and change them frequently (or immediately when an employee quits or is let go.)
- Keep equipment secure and change door locks when keyholder employees quit or are let go.
- Store sensitive paper documents securely in locked file cabinets or other secure areas that are inaccessible to unauthorized employees.
- Closely study the security practices of your outsourced service partners; such as payroll, web hosting, CSR, and other back-office providers.
- Establish, regularly review, and modify, specific procedures to help prevent a breach.
See also: Is data breach insurance worth it?
Gary Bowen is a communications consultant and occasional journalist. He periodically writes about technology, software, outsourcing, finance, sports, and legal topics - since the days of the Arpanet.