Data Security

Portico supports multiple methods of securing transmitted and stored data. The following sections cover the details around the supported encryption and tokenization options. The primary options are Heartland End-to-End Encryption (E3) and Heartland’s Enterprise Tokenization Service (ETS). These options can be used together or independently.

E3 encrypts card data at the point of entry in a hardware solution such that the POS never handles data in the clear.
Tokenization allows merchants to store a value that represents a card number for future processing. These tokens are referred to as multi-use tokens, since they can be used over and over as a reference to the original card data.

Portico also supports single-use tokens. These are obtained via Heartland’s SecureSubmit product. They are helpful when the merchant has a client application (browser, mobile application, etc.) obtaining card data and sending it to a merchant server.

If the client first exchanges the payment data for a single-use token and sends this to the server, the server never handles card data. This requires additional boarding, integration, and certification steps. This option can be used independently or along with the other data security methods.