Safeguard Your Customer’s Financial Data by Providing Secure Payment Systems

Every time your customers submit payment information to you, they are placing their financial security in your hands. They are trusting you to protect them — and betraying that trust, even inadvertently, can cause them to lose confidence in your entire organization.

It might seem dramatic, but think about it. Pretend you are walking around a park with your family. Your son sees an ice cream cart and begs for a chocolate cone, so you give him a $20 bill to get some ice cream and instruct him to bring back the change. When he comes back with the ice cream, he doesn't have any change — he lost it. Chances are you won't be sending him off with cash any time soon.

Now, if losing less than $20 in change would be enough for you to lose confidence in someone — imagine how much more severe it is when a business loses mass amounts of financial data. You will eventually grow to trust your son and send him off for ice cream on his own again — but there is a strong chance your customers won't be as understanding if their bank accounts and credit cards are compromised on your watch.

Your entire reputation can be destroyed by a single financial data breach — which is why it is so essential for you to secure all of the financial transactions that take place on your watch. A VPN is an important tool that allows you to offer secure payment systems, and ensure your customer's financial data remains protected by having strong POS encryption and protecting any financial transactions that occur in the cloud. For example, by applying encryption over communication between POS systems and the central payment handling systems.

POS Encryption and Cloud Security

More and more IT infrastructures are switching over to the cloud, and many financial transaction systems now operate almost entirely on the cloud. Which means companies have to find new ways to secure those systems — including their POS systems. POS systems are computerized systems that allow businesses to track sales, cash flow, inventory, and process payments. You’ve probably seen them in action when your waiter or waitress sends your order to the kitchen, or when a cashier rings up your order and swipes your card.

A VPN can offer a type of POS encryption by way of encrypting the contents of the communications to and from it. A VPN can secure communications from the POS system to the payment solution provider's systems by encrypting the data communications. With OpenVPN Access Server it is possible to route such a secure VPN tunnel between different cloud environments, data centers, or on-premise systems. A VPN server implemented in one cloud environment with VPN clients connected from other cloud environments, data centers, or on-premise systems, would allow secure communications between these systems, even if the connection over which the VPN tunnel is established is a public network like the Internet. The strong encryption standards used in OpenVPN ensure the data being transferred securely through the VPN tunnel could not be eavesdropped upon.

OpenVPN is a full-featured open source SSL VPN solution that accommodates a wide range of secure remote access solutions with fine-grained access-controls. Starting with the fundamental premise that complexity is the enemy of security, OpenVPN offers a cost-effective, lightweight alternative to other VPN technologies that is well-targeted for the SME and enterprise markets. OpenVPN Access Server creates value by delivering a platform for enabling secure, remote access to applications deployed on a physical or virtual network, and the ability to access cloud services securely and quickly.

POS Terminal Encryption — A Case Study

Consider Sicom, a company that supports leading restaurants and food service providers by providing end-to-end enterprise platforms exclusively designed for quick service and food service communities needed to secure their resources. Their quick service restaurant technology is used worldwide, and they serve over 25,000 restaurants spanning more than 60 countries.

This company believes that speed, experience, engagement, growth, quality, profitability, visibility, and accuracy all matter to restaurant success — and that technology is the best way to meet those goals.

Their challenge? Securing POS transactions and offering secure payment systems. This company’s hybrid-cloud POS systems rely on the cloud for configuration, reporting, payment processing, and all other services. What they needed was a way to connect their POS to these cloud-based services securely. They deployed our OpenVPN Access Server software on their cloud coupled with our connect client software for Windows. This provided the company with POS terminal encryption and cloud security, which resulted in completely secure payment systems.

Because of that, this company has a peace of mind knowing its critical cloud-based services are being securely delivered to more than 16,000 of its POS systems.

How To Secure Payment Systems

If you are looking to provide secure payment systems and POS encryption, allow access to private Cloud applications and resources, extend your datacenter into an IaaS Cloud, or create a multi-cloud private overlay network —  you can do it all securely, easily, and quickly by installing OpenVPN Access Server.

OpenVPN AS supports multiple configurations such as secure remote access to an internal network and private cloud network resources with fine-grained access control, and can handle site-to-site connections, or letting remote employees connect in from their mobile devices or computers from home or on the road, or connect whole networks in one-way or two-way type of access, depending on the situation. The OpenVPN Access Server setup consists of three main components:

• Access Server is the underlying component that handles routing, tunnelling, and encryption — including a type of POS terminal encryption.
• Admin Web Interface makes the server management simple through an easy to use control panel.
• Connect Client can be downloaded directly from the Access Server and allows login through the Access Server web portal.

The server software is available for a variety of Linux distributions and versions. The OpenVPN Access Server Software Packages page can provide you with more information on those.

Installing Access Server is simple — just download the appropriate package for your system and then use a package manager to install it. If your business utilizes an Infrastructure As A Service (IaaS) Cloud provider, you can extend those benefits to your VPN Server by using our preconfigured solutions for AWS, Azure, GCP, Digital Ocean, and Oracle.