Secure Payment Gateway
Secure payment gateway to protect customer data
Payway’s secure payment gateway is PCI-DSS certified, meeting all the required steps to ensure the highest level of payment processing security of customer card data. With our P2PE solution, merchants can reduce their PCI-DSS scope.
To ensure that payment is fully protected at each stage of the payment process, our secure payment gateway provides encryption, tokenization, P2PE and 3D Secure for eCommerce.
Tokenization and vault technology
Payway includes complimentary tokenization to both protect cardholder data and speed up recurring payments. It works by replacing primary account number (PAN) data with a token — a unique value only recognizable to us. We protect the token with superior vault technology and store it in one of two data centers hosted by Armor, a cloud-based facility in compliance with PCI requirements.
P2PE removes customer data from the premises
We offer point-to-point encryption (P2PE) as an add-on to Payway to help merchants reduce the scope and cost of PCI-DSS compliance, while further protecting cardholder data from potential hackers. You see, with P2PE, merchants don’t ever acquire, house or manage personal data, making it easy to satisfy your system auditor. Learn more about our P2PE partnership with Bluefin.
3D Secure for eCommerce
EMV 3D Secure is a globally accepted authentication solution designed to make eCommerce payment processing more secure in real-time by providing an additional layer of security.
It enables the exchange of data between the merchant, card issuer and when necessary, the cardholder to validate that the transaction is being initiated by the rightful owner of the account.
Whether you operate with card-present or card-not-present, should disaster strike in any way, shape or form, the Payway team is available 24/7 to help recover data, reset systems, or otherwise reestablish your payment processing abilities. You can trust us to always be there for you, especially when you need us most.
Bluefin® partnership delivers P2PE power
An innovator in authentication and data protection, Bluefin helps us safeguard your business and your customers.
When you add point-to-point encryption to Payway, we employ the power of Bluefin’s secure card readers and PIN pads. These devices encrypt cardholder data in such a way that it is never accessible to the merchant.
In fact, the methodology is so effective that the Bluefin device helps you achieve PCI DSS compliance, helping you to reduce the amount of applicable controls during a merchant audit.
Cardholder data is swiped or keyed into a Bluefin device and immediately encrypted into a complicated mathematical string.
The encrypted string is delivered to Payway for routing through Bluefin environment, where it is decrypted.
Bluefin securely passes the primary account number (PAN) data to Payway for tokenization and storage into our data vault.
Payway then securely sends the PAN data out to the credit network for authorization.
Upon response from the credit network, the merchant is notified.
Contact us to put the power of
P2PE to work for you.
We are proud to support the following Bluefin device:
ID TECH SREDkey 2
Swipe and keypad