EMV Healthcare Solutions
With AxiaMed's clean API, your software can easily integrate with an EMV / chip & PIN capable payment terminal in order to process chip embedded credit cards. Our solution minimizes the scope of our client’s PCI audit by removing the desktop/workstations from the payment data ecosystem. AxiaMed provides added payment security by encrypting data at the time of swipe or key entry. Additionally, all data is transmitted over HTTPS ensuring that credit card transactions have a dual layer of security.
Payment Fusion, AxiaMed's Payment Integration as a Service for ISVs, makes it easy for software companies to provide an EMV-ready payment solution to clients. For more information, go to www.paymentfusion.com .
The Axia ePay Fraud Stopper is built on a Module Stack Design. Each module controls a different aspect of security and clients can choose which modules to include in the fraud control stack. Some examples of modules include: Duplicate Transaction Control, Block by Country, Clock by IP address, and many more. The Module Stack Design provides the opportunity for clients to add or change their fraud modules depending on their unique security needs. Axia ePay is always adding new fraud modules to the Fraud Stopper to keep our clients up to date with the latest fraud security.
Fraud Stopper also allows clients to apply different fraud settings to different keys or sources. For example, a client may wish to implement a high level of fraud control for an online shopping cart, but a lower level on the console for their own employees.
AxiaMed is compliant with the Health Insurance Portability and Accountability Act of 1996 (HIPAA). To learn more about how to protect PHI and HIPAA compliance rules http://www.hhs.gov/ocr/privacy.
Point to Point Encryption
The Axia ePay gateway uses point to point encryption (P2PE) to strengthen its security measures. P2PE encrypts card data from the entry point of a client’s point-of-sale (POS) device to a point of secure decryption outside the client’s environment, such as a payment processor. The purpose of P2PE is to address the risk of unauthorized interception associated with cardholder data-in-motion during the transmission from the POS terminal to the payment processor.
Certification for payment applications can be at time consuming and tedious endeavor for any software vendor. The costs can be quite significant and the certification process is a distraction to the core business of your software application. Integration with our API ensures that you are completely out of "PA-DSS scope" and are not required to certify your application with a qualified security assessor.
Secure Socket Layers (SSL)
All of Axia ePay’s communications and processing occur through Secure Socket Layers (SSL). To ensure an even higher level of security, we use 1024-bit SSL encryption with all of our transactions.
Third-Party Security Scanners/Assessors
Axia ePay uses multiple third-party security companies to ensure that our security is always meeting the strictest of industry security standards. Every security assessor working with Axia ePay provides a seal for our clients to view our certification for meeting security standards. Trustwave, McAfee, Security Metrics, Qualys, and ControlScan are a few of the security scanners and assessors that we utilize.