TSG is reporting a surge of interest from forecourt operators in Prizma, which it describes as “one of the most secure payment systems” on the market today.
The interest comes as consumer demand for convenience and speed drives the adoption of digital payment systems across the fuel retail sector, particularly contactless payment systems and mobile apps. TSG says this surge in digitalisation has resulted in more frequent, costly and damaging cyber incidents for forecourt owners.
Its Prizma epos system meets the stringent data security requirements of the Payment Card Industry Data Security Standard (PCI DSS) – and surpasses them. Designed to combat fraud, Prizma offers enhanced control over credit card data via a virtual private network (VPN). This VPN encrypts customer identity and payment information during transactions, significantly reducing the risk of data breaches.
Prizma enables forecourt owners to configure user permissions and limit system access, assigning each user a unique identifier and a complex password. This set-up ensures that all actions can be traced back to a specific user, maintaining accountability. Data security is essential for any cloud-based, connected solution; consequently, no card numbers or sensitive personal information are stored.
TSG says Prizma integrates with all service station systems, including dispensers, indoor and outdoor payment terminals, connected CCTV, tank-level gauges, price pole signs, the back office and the car wash.
The company adds that when it is integrated with the online authorisation and switching environment (OASE), Prizma elevates data protection to an entirely new level.
OASE supports payments at the epos and accepts all major credit, debit and fuel cards. This straightforward, yet highly secure payment system, simplifies protocol implementation on-site by utilising a central switch point. A single security scheme, based on a triple data encryption algorithm with a derived unique key per transaction (3DES DUKPT), and a single protocol, based on the International Forecourt Standards Forum (IFSF), are all that are needed to connect the epos with OASE. This setup ensures that all bank card payments are processed according to their specific security guidelines.
OASE also includes velocity controls to detect potential fraud by monitoring the frequency of multiple transactions from a single buyer. Each business can establish site-specific rules using stop/allow lists and corresponding settlement files. TSG enhances the end-host service with a modern, user-friendly, cloud-based module that manages transactions, stop lists and clears PIN attempts in real time.
Similar to Prizma, OASE adheres to PCI DSS standards. Its independence from third-party software has earned it recognition as one of the most secure payment systems available today.
If support is needed for either TSG’s EPOS or OASE payment systems, remote access is restricted to one of six highly skilled technicians after site permission is granted. The dedicated server is secured in a locked-down room, protected from physical attacks by restricted security card access.
To some people, all this may sound too technical but Teresa McDermott from Jet Lower Kilburn in Belper, Derbyshire, says TSG systems are easy to use and the support is always there is you need it.
“We’ve always had TSG pumps and epos and it’s been very reliable. It’s also very easy to use and is regularly updated to ensure efficiency. Epos data is easy to access and if we ever have any problems TSG engineers are quick to help us out.”
