March 12, 2007

Credit Card Data Theft: They Can’t Steal What You Don’t Have®

LAS VEGAS, Nev. (March 12, 2007) ? Shift4 Corporation, a leading provider of enterprise payment solutions, offers a certified and proven system that protects merchants against the theft of personal credit card information. Not affiliated with any financial institution, processor or card brand, Shift4 works directly with merchants to help them efficiently manage credit card payment acceptance and become compliant with Payment Card Industry Data Security Standards. Shift4?s breakthrough technology has been deployed with thousands of locations across the United States.

“Recent security breaches and theft of personal credit card data are costly reminders that conventional security is vulnerable to attack because personal data is retained within merchant systems,” said J. D. Oder II, Shift4 Vice President/Chief Technology Officer. “Encryption alone is not the answer because the keys associated with it are never completely protected. The best way to secure data is to not store data at all. In fact, we tell our customers, ‘They can?t steal what you don?t have®.’ ”

Shift4 Corporation’s DOLLARS ON THE NET® provides high-speed and low-cost authorizations and settlements for credit, debit, check, private label and gift card transactions. This system is based on Tokenization technology ? developed and publicly released by Shift4 ? that provides a greater level of security by removing all usable personal card data from the entire transaction process, including point-of-sale devices.

Tokenization is superior to encryption because it substitutes a unique identifier (a token) for a card number, so sensitive personal card data is never in the system. The merchant swipes the card and sends the data through a gateway to a processor and receives back an approval. Credit card data is converted to a token: a globally unique, randomized representation of credit card data that is 16 characters long. Only the token is stored in the system.

“The merchant does not need the card number or data past the initial request, so storing this information is unnecessary. The entire liability to protect the card data is now on the gateway, where it should be,” Oder said. “When there is no useful data in the system, there is nothing for data thieves to access and use. Further, if no data is stored on site, the merchant has a significantly reduced PCI compliance burden,” Oder added.

DOLLARS ON THE NET is certified to be in compliance with all card association regulations, including AVS and CVV2. This application and Shift4?s data center are recognized by Visa USA as compliant with Payment Card Industry Data Security Standards.

About Shift4 Corporation

Shift4, a leading developer of secure financial transaction processing software and services, provides web-based, real-time enterprise payment solutions for leaders in the hospitality, retail, foodservices, auto rental and e-commerce markets. Through connectivity to most major processors, DOLLARS ON THE NET provides both high speed and low cost authorizations and settlements for credit, debit, check, private label and gift card transactions. DOLLARS ON THE NET also includes the ability to access, review and edit transactions prior to settlement, as well as a searchable, 24-month archive of transactions for reporting and charge back defense. For more information, contact Marketing Department at (702) 597-2480 or visit Shift4 online at