UniBroker is a unique, open source PCI compliance solution, which, in a nutshell, is a traffic broker designed to filter out sensitive data, such as cardholder’s information, from the payment messages and data streams exchanged between UniPay payment gateway and its clients. It is deployed as a kind of proxy server between UniPay based payment solutions and any other applications that communicate with it.

UniBroker is a relatively small application, which has no user interface and no persistence layer. Consequently, it is extremely easy to present it to your PCI assessors and it is a perfect candidate for PA-DSS compliance audit and certification.

When deployed in your network, UniBroker will function as a proxy filter, which scans all incoming payment messages and applies tokenization on all sensitive data, replacing real values with tokens. It also filters all outgoing payment messages and applies reverse tokenization processing, by replacing tokens with actual data. As a result, UniPay payment application never “touches” any of the cardholder’s sensitive data and “falls” out of PCI scope.

UniBroker is a flexible PCI compliance solution. It is engineered to support real-time and batch data tokenization, and is capable of replacing sensitive data with encrypted/tokenized equivalent on both transactional and file levels. It is architected to support multiple input formats, which include raw HTTP posts, XML messages and XML files, delimited and fixed length text files, and it is capable of using various external tokenization services, allowing you to keep your preferred tokenization solution intact.

PCI compliance is a must for everyone in credit card processing field and PCI audit is, generally, an expensive and difficult process. Relying on UniBroker as your PCI compliance solution for PCI scope reduction and general PCI audit simplification, you can save thousands of dollars in annual audits and overall maintenance of your payment system.

Here are some of the features available to you through UniBroker PCI compliance solution:

• Data Filtering
  • configurable filtering for formatted data streams (XML, csv, etc)
  • restful web service API for real-time data tokenization
  • real-time and batch extraction and tokenization of the sensetive data
  • real-time and batch extraction and detokenization of the sensetive data
• Communications Handling
  • HTTPs and sFTP communication
  • PGP encryption and GZip support
  • secure key and password management
  • API for integration with external tokenization appliances and services