AssuredCredit | AssuredCard | MIlinx | Secure Payment Request Portal
Assured Card Corporation was able to understand the importance of security for customers and financial institution information. Individuals and corporations did not want information compromised or exposed to the public or unauthorized individuals. We never had a breach in our systems from 1994-2001 that compromised any customer data.
In 1998 we created a new HTML JScript Online Windows Form to allow internet users with Windows OS and Internet Explorer to submit an Application or Registration. This development provided market reach for AssuredCard’s unique credit and debt management product. It also provided the platform for the on-premise merchant payment gateway registration and customer payments.
In the forms below we took steps to limit the amount of information collected as we did in the online version.
- for payment requests limiting to last 4 digits for ID of the credit facility
- limiting transmission of the application only if the financial institution was registered
In the event we needed to make an emergency payment we asked these financial institutions for authority to make third party payments otherwise we would have to mail a check to the customer. The forms displayed below are:
At that time most systems financial institution systems were predominantly Microsoft so we used this technology to build the initial forms. This included the technology used for the initial servers with Corporate access using Novell NetWare versus Public and Communications using Microsoft NT architecture.
SendMail an internetwork email routing facility supported Simple Mail Transfer Protocol (SMTP) used for email transport over the Internet. It was the first technology used to transmit the information to our Data Entry Team. It was a simple technology we could strip all other active code and transmit text only data without direct access to the Corporate Data servers.
To accomplish this architecture we segregated a Microsoft Email Server or Exchange Server provisioned for Corporate email. A manual firewall table was created to block all access to other Corporate systems except through required ports and IP’s for transmission by SendMail.
The new transmission model for a Payment Request needed to have a more robust security model so malicious actors could not exploit this custom made Windows Form and gain access to Corporate Customer Data as this form was going to write to the company database once we were confident the best security protocols were in place.
We decided to provision a Microsoft Internet Information Server (“IIS”) including as our site hosting and installed our own SSL Certificates. We created the site using Frontpage which at the time was the easiest way to get this done as it was also part of MS Office and designed for IIS sites.
In 1998 to get data to the Corporate MS SQL Server we needed to use the MS Office required server-side plugins or IIS Extensions. We setup the new IIS Server and in about two weeks had it writing data to the CRM.
The setup included a firewall between the public internet so we could isolate ports and IP’s to minimize potential attacks including buffer overflow.
The preparation for the Secure Payment Request Gateway was simple and complex. It was simple as we were at the right place at the right time. TLS was being introduced and adopted in 1999. IT professionals were finally grasping the exponential vulnerabilities of MS SQL. AuthConfig was being introduced in 1999 for a central identity store protocol. We were at the right place at the right time. We had all the pieces coming technology to protect our customer's information. Now a universal online payment gateway our next challenge.
Commercial relationships were created with Netscape, Sun Microsystems, Oracle and Cisco. Milinx was launched as an ASP (named from the Minix backend of SuccessInc) in 1997 as we created the framework for a universal scalable platform.
We needed to address session control. The internet as it existed in 1999 was as open as a slice of Swiss cheese. Sessions were not secured meaning you could find a URL and most of the time access without permission.
AuthConfig meant it was much easier to setup a system security service daemon which at the time was also being adopted into the Oracle database engine we used for Milinx. We had a base technology framework to launch a more Secure Online Payment Gateway.
We developed the original backend for AssuredCard service with Microsoft by segregating online and public access. One. To address access by financial institutions IT departments we needed an interoperable secure Online Merchant Payment Gateway that countered their insecure technology. We understood the weaknesses in their architecture and we could make customer data secure.
We had used the AssuredCredit Web Portal as a testing ground for the concept. We had created a basic framework, best practices and secure architecture for delivery of the technology. The patent filed March 2000 provided launch of the Hosted Universal eCommerce Payment Gateway “Client-Centered Secure-eCommerce” and we created our first partnership and customer accounts.
By 1999 AssuredCredit parent Assured Card Corporation was being acquired by Milinx through CreditAssure Financial. We needed to show leadership and innovation beyond any other technology leader. A new protocol “Biometric Protection for Encryption” was filed.
We had two very different different architectures and approaches which needed a universal architecture and future.
The new On-Premise Online Payment Terminal was the first Online Merchant Payment Gateway. The new Hosted Online Merchant eCommerce Payment Gateway was the backend for all Hosted Online Payment Systems.
The updated Online Services Portal Login form is below which was introduced prior to the release of the On-Premise Online Merchant Payment Gateway.
Origins of First On-Premise Online Payment Terminal (Gateway) & First Hosted Online Payment Gateway
The origins and first introduction of the On-Premise Online Merchant Payment Terminal (Gateway) was in 1998 through AssuredCredit. The integration of the First Hosted Online Merchant eCommerce Payment Gateway developed by AssuredCredit was in 1999 re-engineered for scalable delivery and re-launched by Milinx in 2000 this included a partnership with Heartland Financial Systems for introduction into the financial marketplace.
Creation of CreditAssure Financial as the affiliate for the Milinx Payment Gateway
Heartland Payment Systems announced an agreement to enable online credit card payments for e-commerce clients hosted by Milinx Business Group, Inc., a leading Application Service Provider. Through this alliance with Milinx subsidiary CreditAssure Financial, Inc., customers of Milinx were able to apply online for Merchant Accounts and receive swift service plus competitive rates.
Accepting credit card payments online is critical for companies seeking e-commerce solutions. By choosing Heartland Payment Systems, Milinx will be able to provide all the necessary tools for its clients to set up a merchant account and accept secure transactions online. Heartland will provide Milinx a secure online process that is expected to allow the ASP’s customers to be approved in as little as two hours from the time of application without providing a ‘wet’ signature for the account. Heartland expects to authorize more than 90 per cent of the online applications it receives from Milinx clients through CreditAssure.
Milinx will provide its customers with great value by offering a Heartland program that will save them the time and money associated with opening a merchant account. The two companies will also share the revenue from their agreement.
“This alliance allows Milinx to move closer to offering a one stop solution for their customers,” said John Waldron, Vice President of Internet Marketing and Sales with Heartland Payment Systems. “It is a real pleasure to have been selected by Milinx to provide their customers with such a critical piece of the e-commerce puzzle.”
“Milinx built its Application Data Center to handle hundreds of thousands of clients including e-commerce customers,” said Milinx President and CEO Maynard L. Dokken. “We chose Heartland Payment Systems because they can provide high levels of service, security and flexibility as our e-commerce clientele grows.”
About Heartland Payment Systems
Heartland Payment Systems provides businesses of all sizes with professional, one-stop solutions for payroll processing, traditional and Internet card processing and fraud prevention and protection programs. Heartland Payment Systems began in May 1997 as Heartland Card Services, LLC and has rapidly grown to become the 15th largest merchant acquirer in the US, as well as the largest, privately held merchant acquirer.
About Milinx
Milinx Business Group, Inc. (OTCBB: MIXBA) is an Application Service Provider (ASP) which hosts and delivers software to businesses over the Internet on a subscription basis. This minimizes spending on software and hardware while speeding the implementation of new solutions. Milinx is a Delaware corporation with headquarters in Seattle, Washington and operations in Vancouver, BC.
Creation of Financial Insitution Registration & Universal Payment Gateway
According to the invention, an intermediary is interposed between a merchant or payee and a purchaser or payor in a commercial transaction, particularly an electronic commerce transaction. The intermediary retains personal banking or credit information of the purchaser or payor. Upon request of the purchaser or payor, the intermediary acquires information regarding the transaction or payment to be executed, and the intermediary deals with securing the appropriate authorization from a financial institution on the purchaser/payor's behalf without the purchaser needing to disclose personal banking information to the merchant/payee. The authorization received from the financial institution is provided to the merchant/payee.
Description of Secure Financial Insitution Registration & Payment Gateway
One Aspect in Patent of Universal Merchant Online Payment Gateway Description
In one aspect, the invention is a method of effecting payment between a payor and a payee in an electronic commerce transaction over a communication network, comprising the steps of an intermediary acquiring from the payor personal banking information regarding a financial institution through which payment is to be effected, the intermediary providing to the financial institution banking information regarding the payor and requesting and receiving from the financial institution a payment or credit authorization, and the intermediary informing the payee of said payment or credit authorization.