As Council’s Newest Participating Organization Sphere to Contribute to The Development of PCI Security Standards
Nashville, TN, November 25, 2019 — Sphere, the leading provider of end-to-end integrated payments and security software, announced today that it has joined the PCI Security Standards Council (PCI SSC) as a new Participating Organization. Sphere will work with the PCI SSC to help secure payment data worldwide through the ongoing development and adoption of the PCI Security Standards.
The PCI SSC leads a global, cross-industry effort to increase payment security by providing flexible, industry-driven and effective data security standards and programs. The keystone is the PCI Data Security Standard (PCI DSS), which provides an actionable framework for developing a robust payment card data security process and preventing, detecting and mitigating criminal attacks and breaches.
“We have tremendous respect for the work of the PCI SSC, and for the organizations that have worked to continuously evolve the PCI Data Security Standard (PCI DSS) to meet the changing threat landscape encountered within the payments system,” said Dr. Heather Mark, Ph.D., Director of Compliance and Security at Sphere. “I’m excited that Sphere is joining their effort to further the protection of payment account data.”
As a Participating Organization, Sphere adds its voice to the standards development process and will collaborate with a growing community of more than 800 Participating Organizations to improve payment security worldwide. Sphere will also have the opportunity to recommend new initiatives for consideration to the PCI Security Standards Council and share cross-sector experiences and best practices at the annual PCI Community Meetings.
“In an era of increasingly sophisticated attacks on systems, PCI Security Standards and resources help organizations secure payment data and prevent, detect and mitigate attacks that can lead to costly data breaches,” said Mauro Lance, Chief Operating Officer of the PCI Security Standards Council. “By joining as a Participating Organization, Sphere demonstrates they are playing an active part in improving payment security globally by helping drive awareness and adoption of PCI Security Standards.”
“We are excited to demonstrate Sphere’s commitment to security and compliance through our participation in the PCI SSC. Through our participation, we hope to be able to work towards a safer, more secure payments ecosystem, which serves to benefit us all,” said Steve Rizzuto, Chief Executive Officer of Sphere.
About the PCI Security Standards Council
The PCI Security Standards Council is a global forum that is responsible for the development, management, education, and awareness of the PCI Data Security Standard (PCI DSS) and other standards that increase payment data security. Connect with the PCI Council on LinkedIn. Join the conversation on Twitter @PCISSC. Subscribe to the PCI Perspectives Blog.
Sphere, powered by TrustCommerce, is a software and financial technology company providing integrated solutions that reduce friction and facilitate better and more secure commercial interactions with customers in specialized verticals markets, primarily healthcare, non-profit, transportation and education. Sphere’s integrated payments technology and security software enable its clients to process payments in a way that is: highly secure and compliant, integrated with their core business software, omnichannel, and processor-neutral. Sphere’s partner-centric focused payments solutions serve small, midsize and enterprise level businesses and software companies in the U.S., Canada, and Australia. Connect with us on Twitter, and LinkedIn.
Sphere PCI Security Standards Council
Melody Hendricks Lindsay Goodspeed
This is a guest post from our partner, Qgiv.
As a nonprofit, much of your focus falls on fundraising and securing what you need to further your mission. But sometimes you’ll run into challenges like issues with payment processing or limited fundraising resources.
As proud partners, Sphere and Qgiv are working to change that. With Qgiv’s fundraising software, you can streamline each and every aspect of your fundraising process and boost your donation revenue. From there, you’ll be on your way to achieving your nonprofit’s goals!
There are many ways nonprofits can use Qgiv. From events to online campaigns, here are the top ways you can benefit:
- Online Donations
- Event Registrations
- Peer-to-Peer Fundraising
- Mobile Donations
- Silent Auctions
Leveraging a robust fundraising platform is the key to raising more. Let’s take a closer look!
- Online Donations
Many nonprofits are moving to online donation forms, but the ways in which they create their forms will vary. Some are turning to third-party payment processors, though there are other solutions that may be more appropriate and built with nonprofits’ specific needs in mind.
Fundraising software like Qgiv that allows you to create and customize an online donation form can drive more donations by encouraging completion. This is because you can:
- Brand the page to match the rest of your website. Maintaining consistent branding between site pages instills a level of trust with your donors. This will reassure donors that their gift is going directly to you and that their information is safe.
- Set up recurring donations. Recurring donations give your supporters the opportunity to give on a regular basis (monthly, annually, etc.) so they can continuously support your organization without much effort on their end.
- Suggest giving amounts. Suggested giving amounts help guide your donors who are unsure of how much they want to give. Having a point of reference is helpful and can often encourage donors to give larger gifts.
- Offset processing fees. Donors that use GiftAssist through Qgiv can offset the processing costs associated with their donation, which means you get to keep more of the donor’s gift.
Qgiv offers each of these elements while remaining PCI-compliant, which means your donors’ payment information and other personal data will always be safe and secure. Leverage online donation forms that can be customized to your organization (and offer security!) and you’ll be on your way to bringing in more donation revenue.
- Event Registration
When attendees register for your event, that’s your nonprofit’s first chance to make a great impression. Registering for events should be easy and efficient for supporters, and with the right platform, your nonprofit can make sure that signing up is a breeze.
With Qgiv’s registration software, you can create a smooth user experience when supporters come to register for your events. For example, you’ll be able to:
- Provide a variety of registration options, such as packages for groups, discounts, and private VIP packages.
- Boost event attendance by enabling social sharing options so guests can invite their friends.
- Automate your process by cloning annual events and accessing real-time registration data so you can focus more on planning an amazing event.
- Easily reach out to your attendees to remind them about your event.
By incorporating event registration software into your strategy, you’ll be able to boost event attendance, accommodate different registration needs, and ensure your focus remains on running the best event possible.
- Peer-to-Peer Fundraising
Peer-to-peer fundraising is a powerful, socially driven fundraising method that can help you tap into new donor networks that you wouldn’t have otherwise reached. During a peer-to-peer campaign, nonprofits recruit their supporters to fundraise on their behalf.
Here’s how it works:
- Your nonprofit sets a campaign goal and posts its main campaign page.
- After some coaching and training, your peer-to-peer participants set up their own individual campaign pages.
- Your participants share their campaign pages with their greater networks.
- People in those networks are encouraged to donate to participants or create their own fundraising page.
But just running this type of campaign isn’t enough. It’s important to leverage a peer-to-peer fundraising platform that handles multiple participant campaign pages and allows you to track the progress.
According to Qgiv’s guide on peer-to-peer fundraising, you can increase your fundraising results using software elements like gamification. Gamification incorporates “game-like” elements to spark friendly competition and further motivate your supporters. These include:
- Leaderboards, which display the participants who raise the most funds.
- Fundraising thermometers, which show your progress towards your goal.
- Badges, which reward participants once they’ve reached a certain milestone or achievement.
Using the right peer-to-peer fundraising platform can maximize your results and keep you on track to reach your ultimate goal. When you leverage software that offers gamification elements, provides robust reporting, and collects donations through personalized campaign pages, you’ll be on your way to hosting a successful fundraiser.
- Mobile Donations
As most of us are constantly on our smartphones these days, nonprofits can and should offer convenient ways to give straight from a phone. With Qgiv’s text fundraising features, you can offer an easy, straightforward giving channel to your donors.
There are two types of solutions you can take advantage of:
- Text-to-donate. This is a mobile fundraising method wherein donors initiate a gift via text before visiting a mobile form to complete their donation.
- Text-to-give. This is a mobile fundraising method wherein donors are billed the donation amount on their phone bill.
Both of these solutions make it easy to give on the go and can significantly widen your donor network, as more and more donors prefer to give on their phones. Find more donors by implementing this type of software into your fundraising strategy and provide a positive user experience as individuals give.
- Silent Auctions
When it comes to hosting large events, using a software solution that can streamline each aspect of your planning process is essential. We’ve already discussed event registration software, but what about creating donation opportunities at the event itself?
If you’re planning to host a large event that includes a silent auction, you can use Qgiv’s silent auction software to streamline the bidding process, payments, and more. Once you learn how to run a silent auction, you can raise a lot with the right tools.
- Real-time bidding. Rather than using web-based forms or paper auction sheets, use a silent auction software app that allows bidders to build a watch list and set maximum bids, and streamlines the overall bidding process.
- Registration and check in. Make it easy for supporters to register for your event and check in upon arrival.
- Event purchases. Let guests purchase raffle tickets or merchandise via the silent auction app and add them to a running tab.
- Checkout. Streamline the checkout process by allowing guests to pay for auction items they won, as well as other purchases and donations, through the app.
- Reporting. Robust reporting features let you view event registration, bids, and other transactions. You can then export all of this data to your integrated CRM.
Simplify every aspect of your silent auction using Qgiv’s auction software. When your guests have a good experience at your event, they’re more likely to give again and take part in future events. When there’s less frustration surrounding the planning and execution process of your auction, this will benefit everyone involved.
Part of planning a successful auction also means procuring the right items. Check out a list of great auction item ideas here.
Your payment processing shouldn’t cause a headache. With solutions brought to you through Sphere and Qgiv’s partnership, you can raise a lot more through additional channels you might not have otherwise been able to access.
Keep your donations and payments organized and your campaigns running smoothly with easy-to-use software features that will keep your donors coming back. After all, they make up the foundation of your nonprofit. Reach new heights with the right solution for you!
Together, Sphere and RMS will allow for a more complete view of the revenue cycle, including health plan and patient-level payment data.
Nashville, TN, November 7, 2019—Sphere, the leading provider of end-to-end integrated payments and security software, has partnered with Revenue Management Solutions (RMS), the leading technology-based healthcare remittance automation platform, allowing RMS to provide a comprehensive payment platform spanning across payer and patient payments.
RMS simplifies the complete revenue cycle by automating remittance management and eliminating manual processes. This solution scales to fit the unique needs of any healthcare provider from a single-doctor practice to a multi-facility hospital system. Trusted by more than 40 commercial banking partners and 1,000 providers, RMS solutions save time, reduce costs and improve efficiency.
The combination of the Sphere payment platform and RMS will greatly enhance remittance processing by allowing for a more complete view of patient revenue that includes both health plan and patient-level transaction data. Through dashboard and reporting tools, users will benefit from a clearer picture of health plan, patient payments, the payments breakdown, and other valuable insights.
With deep integrations into popular Electronic Health Record (EHR) software, the Sphere payment platform delivers broad payment acceptance functionality that is highly secure, compliant, and scalable.
“RMS has a long established track record in solving the complex challenges of healthcare remittance processing,” said Steve Rizzuto, Chief Executive Officer of Sphere. “With relationships with top financial institutions and other large health systems, we are pleased to partner with RMS.”
“At high velocity, Sphere is expanding our strategic partnerships to include more of the healthcare revenue cycle,” said Andrew Rueff, Executive Chairman of Sphere. “As patient out of pocket expenses increase and become a greater part of healthcare providers’ revenue, solutions that provide consolidated financial information are critical. Our combined solution with RMS achieves this goal and much more.”
“Sphere’s commitment to providing secure, integrated payment processes allows us to expand our offerings to our healthcare and financial customers alike while maintaining the sacred trust we have earned,” said Scott Thomas, Chief Executive Officer of RMS. “We are very excited to partner with Sphere to help shape the new payment experience from that of a patient to a customer in the healthcare market.”
For more information on Sphere, please visit http://www.spherecommerce.com.
Sphere, powered by TrustCommerce, is a software and financial technology company providing integrated solutions that reduce friction and facilitate better and more secure commercial interactions with customers in specialized verticals markets, primarily healthcare, non-profit, transportation and education. Sphere’s integrated payments technology and security software enable its clients to process payments in a way that is: highly secure and compliant, integrated with their core business software, omnichannel, and processor-neutral. Sphere’s partner-centric focused payments solutions serve small, midsize and enterprise level businesses and software companies in the U.S., Canada, and Australia.
Founded in 2006, and based in Oklahoma City, Oklahoma, RMS is the leading technology-based healthcare remittance automation platform tool available in the market. Currently used by more than 1,000 acute care, revenue cycle management, dental and pharmacy clients, RMS allows healthcare providers, outsourcers and facilities to optimize the remittance matching, reconciliation, and management processes. The Company, which processes nearly 14 million transactions each month, offers its technology-driven solutions both directly to customers and through established channel relationships with leading financial institutions throughout the United States.
For more information, please visit https://www.rmsweb.com/.
Ever wonder who’s after your data? What about what they’ll do if they get it? The danger isn’t always obvious, so what do we need to look out for?
Join us Wednesday, December 4, 2019 at 10:00 a.m. PST to learn how to responsibly handle client data to reduce the impact of a possible security breach. Dr. Heather Mark, Director of Compliance and Security, will share tips on how to keep your data safe from potential security breaches, including:
- What to do with data you don’t need
- The importance of establishing information security policies and awareness
- Selecting providers that are focused on protecting your data
- And more!
Space is limited, so make sure you register while spots are available.
About the Speaker
Dr. Heather Mark, PhD, CCEP, Director of Compliance and Security, oversees compliance and security. In this role, she’s responsible for promoting and ensuring that Sphere is in compliance with relevant law, regulation, and industry standards, and that its products promote and enable compliance for clients and partners. Previously, she served in various senior leadership roles, most recently at a wholly-owned subsidiary of a global payment processor, card issuer, and merchant acquirer.
If you’re thinking of adding payment functionality to your software solution, you’ll definitely want to get familiar with these six phrases. Why? Because with Sphere they could be a part of your daily payment experience.
Independent Software Vendors (ISVs) can embed Sphere credit card processing capabilities within their applications, allowing clients to take customer payments in one seamless process. If you’ve ever considered payments, you’ll quickly realize there’s a whole new language to learn and set of acronyms. To get the most out of your partner search, let’s take a look at these six phrases you’ll want to associate with your payment functionality.
Think of the payment gateway as a piece of a more complex and robust payment solution. A payment gateway doesn’t just let you accept electronic payment types such as credit cards, debit cards, and ACH/electronic check payments—it’s much more than that. Sphere’s payment gateway gives your company a compliant and brandable experience customized by you. They’re your customers after all, so they should experience your brand from beginning to end, not a cookie-cutter checkout experience.
No matter the size of businesses you serve, chances are you’re still looking for the essentials: competitive rates on credit card processing, compatibility with a multitude of payment devices, and white glove, friendly service. That is automatic with Sphere. We aim to be a single source for all your current payment needs with room to grow in the future.
Security and trust are important aspects of a business relationship. That’s why Payment Card Industry Standard (PCI) compliance is essential, especially when data breaches are reaching the news on almost a daily basis. Know that your customer’s information is handled safely and securely with Sphere. Our solutions are PCI compliant (and then some) and help reduce your scope.
Validated Point to Point Encryption (VP2PE)
Remember the “and then some” we mentioned before? This is it. Sphere is the leading provider of secure electronic payment acceptance and risk management solutions which is why we offer validated point to point encryption (P2PE), Powered by TrustCommerce. That means your customer’s sensitive data stays safe, even in its encrypted state. With P2PE, your customer’s confidential information will be indecipherable to third parties.
Affectionately called “the card with the chip thingie” by customers, Europay, Mastercard and Visa (EMV) is the new standard for smart cards. EMV adds an extra layer of protection for customers and is quickly becoming the preferred method of payment for many, becoming synonymous with “fraud protection.”
Hosted Payment Page
Having a hosted payment page means that you don’t have to take on additional liability customer’s data passing through your systems. Sphere will do that for you, and with our security features and complete branding continuity, you can be assured that your customers are using a secure e-commerce payment capture solution. This simple, yet sophisticated solution allows for text-to-pay, email, within app and online payment acceptance.
Does your current payment integration offer the same functionality as Sphere? If not, it might be time to upgrade to a company with a record for being secure, innovative and customizable. See these six phrases in action with Sphere.
When it comes to choosing an integrated payment partner for your solution, there’s a lot to consider: do you go with a familiar company? Or, a fresh option? Ideally, you want something that’s perfect for your business, but often solutions are either more than you need (at an exorbitant price), or not enough.
More often than not, money tends to drive these decisions. But there are other things you should ask yourself before picking the right payment processing engine for your solution. Perhaps the most important question should be:
“What can your payment processing partner do for you?”
Your business deserves more than “adequate” service, and that’s where we come in. With decades of experience advancing technology and putting clients first, Sphere is the natural choice for credit card processing. With Sphere, you instantly connect your customers with the most comprehensive, secure, end-to-end payment processing solutions. Let’s take a look at the top three benefits of integrating payments with Sphere.
- Sphere Helps Drive Your Business Revenue
Shouldn’t your payment processing partner do more than just meet your immediate needs? Sphere does. We help drive your business, providing you with more than just a point-of-sale system—in step with you as you grow.
Our products and services have all the payment features you need today and tomorrow, including:
- Virtual Terminal
- Transaction Security
- Open API
- Data Storage
- E-Commerce Payment Pages
- Reporting and Reconciliation
- Mobile Payment App
- Automated Recurring Billing Acceptance
Our applications support all major payment types including:
- Credit Cards
- Debit Cards
- PIN-less Debit
- ACH/Electronic Check Payments
- Purchase Card (Level II and Level III) Processing
- And More
Our systems integrate seamlessly with your current software requirements and adapt as you grow. The same thing doesn’t work for everyone; that’s why we offer custom options that work for you.
The right partner can make a world of difference. And in this competitive market, you should only trust the very best. We are an expert in our field, and we can help your business generate more revenue through technology and credit card processing.
- Strong Technology That Adapts
Technology is evolving quickly, and your payment processing system needs to be ready to change. Remember before credit cards had chips and certain outdated POS systems required awkward workarounds to make transactions work? Experience is everything, and your business needs a payment processing engine that’s future-proof.
Whether your software accepts payments through a single channel or many — Sphere can adapt to your business. With multiple integration options, and APIs in a variety of languages, it’s easy to get started.
There’s a growing need for a platform that can support more than just “basic” payment support. At Sphere, we understand the importance of flexibility. Businesses need integration that’s quick and efficient to support the way you do business today, as well as in the future. With our frictionless merchant application for credit card processing, we make it easy for your customers to sign up. To us, you’re a priority. We provide payment support that won’t slow you down.
- Manage Your Risk
Risk is never fun to talk about (and it’s even less fun to experience). Trust is an integral part of business, and a reputation of being secure and reliable is a necessity. Sphere helps you manage your risk by securing your data. We offer multiple methods to protect payments, including: validated point to point encryption, tokenization and hosted payment pages.
Get comprehensive risk management and security that allows you to defer much of the cost, risk and threat involved with handling cardholder information.
Payments shouldn’t be a hassle, nor should getting the support you need to resolve any issues that may arise. That’s why integrated software vendors who are specialists in these and other industries partner with us:
- Healthcare applications
- E-commerce & Shopping Cart Developers
- Membership management software
- Bar and restaurant applications
- Software Vendors
It’s time to take the complexity out of integrating payments. Accept payments your way with Sphere. Our payment processing solutions are designed for ease of integration with third-party software. Speak with the Partner team today.
By Dr. Heather Mark
The healthcare industry is, as most know, a heavily regulated industry. Government regulations detail how data is to be collected, shared, and protected. It details how patients can access their data. The way that research is conducted, how it is reported and a multitude of other factors. Layering in the protection of payment card data can seem overwhelming. Particularly given the size and complexity of health care networks – physicians’ offices, laboratories, hospitals, and clinics. Fold in a sprinkling of online bill pay, as well, and one can see how the prospect of complying with the PCI DSS, as well as other regulatory mandates, can be overwhelming. But PCI DSS compliance can be made more manageable by employing scope reduction strategies.
First things first, though. What is scope reduction? To understand this, one must understand what is defined as the Cardholder Data Environment, or CDE. The CDE is defined by the Payment Card Industry Security Standards Council (PCI SSC) as the “people, processes, and technologies that store, process, or transmit cardholder data or sensitive authentication data. ‘System Components’ include network devices, servers, computing devices, and applications… [and] any other component or device located within or connected to the CDE.” So, the scope of the CDE is any device or person that has access to cardholder data and any device connected to that component. For many organizations, in healthcare and beyond, that scope can seem fairly daunting. The objective of scope reduction is to minimize the number of components that come into contact with the cardholder data. By reducing the number of components that contact cardholder data, an organization can reduce its scope. This serves the purpose of reducing the complexity of the CDE, the cost and complexity of the PCI DSS assessment, and the work factor involved in maintaining compliance.
So, how can an organization reduce their scope? The first step is to know where and how payments are accepted. Questions that can help in that process include:
- Where does your health system physically accept electronic payments?
- Front Desk
- Call Center
- Emergency Room
- Gift Shop
- How do you accept payments in these locations?
- In Person
- EHR Software
- Does your EHR system offer a secure payment integration?
- Does your payment integration support?
- Validated Point to Point Encryption
- Hosted Payment Page for secure online transactions
- Secure recurring billing and installment payments
It is also important to determine whether or not you have appropriately segmented your CDE to prevent bringing your entire organization into scope. In other words, if your payment environment is connected to your corporate environment, without firewalls, routers or other appropriate measures in place to act as a DMZ, you could end up having to manage PCI compliance for every part of your network. Per the PCI DSS, “Without adequate network segmentation (sometimes called a “flat network”) the entire network is in scope of the PCI DSS assessment. Network segmentation can be achieved through a number of physical or logical means, such as properly configured internal network firewalls, routers with strong access control lists, or other technologies that restrict access to a particular segment of a network. To be considered out of scope for PCI DSS, a system component must be properly isolated (segmented) from the CDE, such that even if the out-of-scope system component was compromised it could not impact the security of the CDE.”
Another strategy that can be employed to reduce the scope of the CDE is to reduce the number of cardholder data touchpoints in the environment. The more the input of cardholder data can be reduced, the greater the level of scope reduction. Any number of solutions can be employed, but here is a brief description of the most effective means* of reducing interaction with cardholder data:
- Hosted Payment Pages – merchants can accept payments through the use of a hosted payment page. The Payment Page is hosted by a PCI DSS validated, registered service provider. The payment information posts directly from the consumer to the service provider, bypassing the environment of the healthcare provider.
- Tokenization – in this solution, the payment information is replaced with a randomly generated value that used to represent the payment mechanism. The healthcare provider can still use that token to process subsequent payments, as may be useful for patients on payment plans, reporting purposes, patient payment analysis, and chargeback or dispute purposes. The benefit here is the reduced payment data footprint within the organization.
- PCI Validated Point to Point Encryption (P2PE) – a P2PE solution is one in which the cardholder data is encrypted from the point of interaction (swipe, dip, entry) all the way through the processor. The payment is processed, but when the authorization response is sent to the healthcare organization, the payment data is replaced with a token.
As technology continues to evolve and healthcare organizations find new ways to connect with and serve their patients and communities, it is important to remain mindful of the potential risks that those new technologies may present. By implementing the above solutions, healthcare providers may find a strong balance between patient service and data security.
*The amount of scope reduction benefit for each of these solutions can vary depending upon the specific environment and the way in which they are implemented. It is highly suggested that all organizations consult with their Qualified Security Assessor (QSA) and/or their Acquiring Bank to determine the exact nature of the benefit afforded by these solutions.
Sphere’s partnership with Qgiv advances its software strategy in the charitable giving and nonprofit sector.
NASHVILLE, Tenn. (April 23, 2019)—Sphere, the leading provider of end-to-end integrated payments and security software, today announced it has made a strategic investment in Qgiv, Inc., (Qgiv) a provider of cloud-based fundraising software that facilitates payments as part of its solution for nonprofit and charitable organization fundraising. This partnership advances Sphere’s strategy to integrate deeply within high-growth core vertical markets by surrounding its current payments offerings in the nonprofit vertical with leading software.
Qgiv provides a variety of digital fundraising tools for nonprofit and faith-based organizations, including online donation forms, event registrations, peer-to-peer fundraising, text-based fundraising and messaging tools, giving kiosks, a donor-facing giving app, and more—all of which are easily managed from one control panel.
“Qgiv strategically complements Sphere’s growth initiatives to enhance technology that facilitates payments in more innovative and secure ways,” said Steve Rizzuto, chief executive officer of Sphere. “Their path to continued growth aligns with Sphere’s strengths in integrated, secure payment solutions.”
“The addition of Qgiv to the Sphere family of companies significantly advances our strategy of integrating key software applications to our core payments offering, in this case in the nonprofit and charitable giving sector,” said Andrew Rueff, executive chairman of Sphere. “Todd Baylis, chief executive officer and co-founder, and his team have established Qgiv as a leading software company in a highly attractive vertical market, and they have a reputation for delivering innovative software solutions. This aligns very well with Sphere’s core values and strategy.”
“We’re excited to partner with Sphere and truly believe that their platform, roadmap and extensive knowledge of integrated payments will ultimately provide great benefits to the customers we work with and the nonprofit market as a whole,” said Baylis of Qgiv. “We look forward to partnering with Andrew, Steve and the Sphere team to continue to improve and iterate Qgiv’s online fundraising platform based on customer feedback and solving the needs of our current and future customers.”
For more information on Sphere, please visit http://www.spherecommerce.com.
Sphere, powered by TrustCommerce technology, is a leading provider of end-to-end integrated payments, security software, payments gateway and merchant acquiring products and services. Sphere serves large, complex enterprises and small local businesses across a range of vertically oriented end-markets, including healthcare, education, parking, insurance and nonprofit. Sphere’s integrated payments technology and security software enable its clients to process payments in a way that is: highly secure and compliant, integrated with their core business software, omnichannel, and processor-neutral. Sphere’s partner-centric focused payments solutions serve small, midsize and enterprise level businesses and software companies in the U.S., Canada, and Australia.
About Qgiv, Inc.
Qgiv, Inc. is a leading online fundraising platform founded in 2007. From their base in Lakeland, FL, they currently serve more than 3,000 nonprofit organizations in the United States and Canada. Qgiv’s aim is to help nonprofits raise more by anticipating and addressing their needs and challenges through customer-informed development and close attention to industry best practices. They offer no-contract pricing, unlimited access to tools and support, and integrations with industry-leading donor management and CRM software to make it easy for nonprofits to experiment with new technology and grow their digital fundraising programs. To learn more, please visit https://www.qgiv.com.
By Dr. Heather Mark
On March 19, 2019, well-known and respected security researcher and reporter Brian Krebs, posted an article with the headline, “FaceBook Stored Hundreds of Millions of User Passwords in Plain Text for Years.” The article states, “According to Krebs, “The Facebook source said the investigation so far indicates between 200 million and 600 million Facebook users may have had their account passwords stored in plain text and searchable by more than 20,000 Facebook employees.” With that in mind, think about how many accounts you have linked to Facebook.
The news is a constant parade of security breaches in which user names and passwords are compromised. It is easy for people to become numb to that, or to think that it’s “only” a username and password, not financial data. But how many of us use the same password, or a close variation, for several of our accounts, including our work passwords? Take a look at this list of security breaches, and think about how many of those impact you, and how many times you recycled passwords for those accounts.
Though it can be convenient, reusing passwords does put you at risk for further compromise. As criminals have become more sophisticated, they’ve taken to aggregating data collected from various breaches and extrapolating it to compromise accounts that you might not even know were in danger. Do you use the same password for social media as you do for your bank account? You might not be concerned if your social media password was compromised, but what if the hacker were able to discern your bank or financial institution? Have you ever posted a complaint or comment about your bank? Do you check into your office on social media?
We’ve all read the stories about people using “password 123” or “changeme!” for their passwords. Not only are those easy to crack, but they’re painfully ubiquitous. Here are some quick, easy tips for creating a strong password:
- Use phrases – think about a line from a favorite book, movie or song. Sometimes, that can actually be easier to remember and it’s inherently more complex. Particularly if it uses punctuation.
- Use “special” characters – When we think of “special” characters, we tend to default to the “!” or the “*”. They’re easy to remember. But the poor semi-colon (“;”) is woefully underused. As is ampersand (“&”) and the tilde (“~”). Think creatively about which special characters you’re using in your password and how you’re using them. For example, you can combine special characters to make emoticons.
- Mix up numbers and letters – a creative mix of numbers and letters can make a password more difficult to guess. Try not to make obvious substitutions, such as using a ‘”3” instead of an “e”.
- Use capital and lowercase letters – mix up your use of capital and lower case letters. You don’t have to follow grammatical conventions when creating strong passwords. You don’t have to start a name with a capital letter.
Another important reminder is to change your password regularly. It can be easy to forget that, particularly in the age of biometric authentication. One trick that I use is to set a calendar reminder to change my passwords. You can choose every 30, 60, or 90 days, but it’s best not to go past the 90 day mark.
It can be hassle to come up with and remember new passwords every 90 days, but using new, unique passwords is an important tool to protect yourself and your business. It pays to be smart!
Daryl Seaman joins Sphere as CIO bringing 35 years of leadership excellence.
NASHVILLE, Tenn. (March 22, 2019) — Sphere, the leading provider of end-to-end integrated payments and security software, today announced that Daryl Seaman has joined the company as Chief Information Officer. In this role, Mr. Seaman will lead the Information Technology group, overseeing all aspects of new development. He will also be responsible for maintaining the integrity of production processing in a secure operating environment and providing world-class support services to our clients.
Mr. Seaman is a 35-year veteran of the payments industry, having served in executive Information Technology roles at two of the largest acquirers, First Data Corporation and TSYS. His areas of expertise include operational excellence, large-scale conversions/integrations, and organizational capability.
“Daryl’s proven track record in increasing an organization’s capability and capacity and his commitment to excellence will be instrumental to the growth of Sphere,” said Steve Rizzuto, Chief Executive Officer of Sphere. “He is a tremendous addition to the leadership team.”
“It is an honor to be a part of Sphere,” said Mr. Seaman. “Combining the industry experience of our leaders with the outstanding reputation of TrustCommerce technology will provide opportunities for growth in the fast-paced payments industry.”
In his career, Mr. Seaman has supported issuing and acquiring business units, led some of the industry’s largest conversion projects and managed both new development and support organizations, as well as overseas assignments for international business expansion.
Sphere, powered by TrustCommerce technology, is a leading provider of end-to-end integrated payments, security software, payments gateway and merchant acquiring products and services. Sphere serves large, complex enterprises and small local businesses across a range of vertically oriented end-markets, including healthcare, education, parking, insurance and non-profit. Sphere’s integrated payments technology and security software enable its clients to process payments in a way that is: highly secure and compliant, integrated with their core business software, omni-channel, and processor-neutral. Sphere’s partner-centric focused payments solutions serve small, midsize and enterprise level businesses in the U.S., Canada, and Australia.