Ingenico’s Incendo Online 1st “smart client”-based solution PCI-PTS compliant

Download as PDF

Incendo Online enables, thanks to its “smart client” architecture, to connect Ingenico payment terminals, through a specific web browser, to a full portfolio of payment services and value-added services hosted on remote servers. These value-added services, such as loyalty, gift card, prepaid mobile top-up, etc increase in-store traffic and customer’s loyalty and generate extra revenues for the merchant.

Incendo Online constitutes a new paradigm in today’s world of card payment and value-added services: content is no longer embedded on the terminal as it is the case today, but is “in the cloud” and activated on demand. The challenge for Ingenico was therefore to bring this solution to a security level at least equivalent to the one of classical embedded applications. This has led Ingenico to design specific security mechanisms so content and applications developed on Incendo Online framework do not represent a threat to users.

In order to validate the overall security of the solution, Ingenico has submitted Incendo Online to a laboratory specialized in security audit for payment solutions and terminals. The outcome of the audit is that it is in compliance with Payment Card Industry Security Standards Council’s (PCI SSC) PIN Transaction Security. Incendo Online is the first “smart client” solution on the market to be compliant with PCI-PTS v2 and v3.

Incendo Online provides Ingenico customers with a flexible web-based platform ensuring an optimum level of security”, says Stéphane Jacquis, Group product management director. “Banks, acquirers, processors and retailers can therefore develop and deploy in full confidence innovative new services on their terminals without any risks for their existing payment infrastructure”.