Why Spark Doesn't Store Your Card Data
The process that card data takes when it is entered into Spark is the following:
We send the data directly to USAePay, the payment gateway electronically, we do not store that data in Spark.
USAePay sends back a token, representing the card that we just sent them
The token is only a reference to that credit card and not the card information itself, keeping your students'/members' credit card data safe and secure.
You can learn more about how tokenizing credit cards keep you and your client's information safe and secure by reading this article from Visa.
Excluding Credit Card data, Spark will provide you with all other data in your Spark account. You can even do it yourself.
Please read the following information regarding the transfer of card data:
Spark will not charge you anything to export your cards from our software. USAePay (payment gateway that stores your client's tokenized credit cards), on the other hand, does charge a fee (dependent on the number of credit cards) to transfer your cards from their system into your new system. USAePay will bill you directly if you choose to proceed with the credit card export.
It should be made apparent that every transfer request is subject to USAePay's terms and they may approve/deny export requests on a case by case basis.
The timeline of PCI Compliant transfers of data can differ drastically from case to case, but we see an average completion time of 4 weeks.
If you'd like us to initiate a transfer request with USAePay, they will require the following information to open the request:
The reason you will be moving gateways
The new software you will be utilizing
Point of contact for receipt of the data
What cards would you like included in the export?
(e.g. Active Students' primary payment methods, everything available, etc..)
We are here to help make this as easy on you as possible.
Please send the above information through the chat to the Data Department and we will be able to get the process in motion for you.
Why Spark Cares About Credit Card Data
In today's credit card fraud climate, where hackers and scam artists run rampant, we protect all of our clients and their members by never storing any credit card data on Spark servers.
This is not only because we care, but it is also the standard created by the credit card companies that we must adhere to. For more info on this, check out the official rules at the PCI Security Standards Council's website.
By using a third party to tokenize your client's card information, it keeps your clients safe from any fraud. A credit card token is useless outside of Spark to a scam artist, or even a former disgruntled employee from stealing credit card data and using it to cause your member's harm.
To find out why Spark safely protects your client's (members or students) credit card data for fraud using a third-party PCI Compliant service, read about it on USAePay's website.