Technology Overview
One of the key elements for our quality service is the robust technology and our commitment to constantly improve upon it. All of the CardConcepts technology has been designed and developed by our team of technical experts. Our techs work closely with the department-heads to ensure the end result is a cutting edge, user friendly product that meets everyone’s needs. We are constantly upgrading and evolving our systems based on the specific needs of our current (as well as prospective) partner-banks and largest merchants. Our systems are modular for efficient upgrade and customization. This has allowed CardConcepts to develop software that fits the unique and specific needs of our staff, our partner banks, the partner gateways and the merchants.
Hardware
The hardware behind our processing system consists of multiple server racks located offsite. Currently we are establishing a secondary server farm on the Eastern United States for bulletproof redundancy in the event of a natural disaster. By spreading our processing infrastructure across the United States, we no longer have to fear a disaster, such as an earthquake or fire, taking our processing services offline. We also believe in maintaining multiple Tier-1 upstream providers. We currently have three such providers.
In general, we believe in massively overbuilt hardware/connectivity. We keep our links under 50% utilization; and when we reach that point we add additional capacity. This allows us to absorb traffic bursts without increased latency.
Our data center gives us substantial infrastructure benefits, including:
- Redundant power, temperature, and humidity-control systems
- An on-site generator farm with 17 1500kw generators and 20,000 gallons of diesel fuel
- 24/7 security with three-tiered cardkey-access security
- Pre-action fire-suppression system
- On-demand connectivity with virtually no bandwidth limitations.
API For Transaction Processing
All transactions must be passed through our secure web API. Each transaction must originate from an approved PCI DSS compliant third party. This access is monitored and controlled by our gateway and integration management system, which authenticates incoming requests using a variable combination along with the IP address that sent the transaction to our system. Without all these items matching a specific gateway entry, a transaction will immediately fail before being sent to the acquiring bank. Each MID is also granted access from a specific gateway. If the transaction on a Merchant ID (MID) is not from an approved gateway for that specific MID, the transaction is declined.
Our API also allows each gateway to submit (and pass back) third-party gateway and/or the merchant’s own internal system transaction ID’s. This enables us to allow third parties to search for transactions using their own unique identifiers.
Continual Development
Our team of developers and administrators are constantly improving our system and infrastructure. Due to the design of our systems, we are able to maintain, upgrade, and update both hardware and software with nearly zero downtime. Our development team is devoted to maintaining and updating the software based on the needs of all parties involved; this list includes, but is not limited to our staff, Merchants, Gateways, and Acquiring Banks.