You are here
Mashery Lets Companies Distribute the Buy Button, Becomes First PCI-Compliant Commerce API Platform
Mashery Introduces Distributed Commerce Service, Enables Secure Purchases on Any App, Device or Social Network
San Francisco, CA, August 23, 2011—Mashery, the leading provider of API (Application Programming Interface) management and strategy services, announced today its new Distributed Commerce service, which lets companies offer secure purchases and financial transactions on any app, device or social network—whether developed in-house or by strategic partners. Mashery has also become the first API management provider to be fully certified and designated as a Payment Card Industry (PCI) Compliant Level 1 Service Provider through a Record of Compliance (ROC) letter from the PCI Security Standards Council™.
With the explosion of connected devices—Cisco predicts one trillion by 2013*—smart companies want to extend buying cycles to the full range of consumer touch points, including mobile devices, social networks, and strategic affiliate channels. Mashery Distributed Commerce lets them do just that, with a platform for accepting credit card transactions and purchase authorizations directly through APIs. In addition to achieving PCI Data Security Standard (DSS) 2.0 Validated Service Provider status, Mashery Distributed Commerce also includes an OAuth 2.0 Accelerator, making it possible to authorize purchases through APIs when stored payment information is on file.
“Mashery Distributed Commerce allows Best Buy to securely offer purchase transactions through our strategic partners," said John Bernier, Partner Engagement Manager at Best Buy. "And, we can execute transactions seamlessly, without forcing users to leave our partners' apps or sites, which makes for a more compelling, user-friendly experience than traditional affiliate programs."
Mashery Distributed Commerce adds financial transactions to the growing list of content and services that companies are distributing via APIs, which already includes product information, media content, secure account management, and information services. Because Mashery is a PCI Compliant Service Provider, Mashery Distributed Commerce takes API management and transmission “out of scope” for customers’ PCI audits, meaning one less headache for companies looking to enable secure transactions and grow their businesses beyond existing channels and networks.
“Because Mashery has passed the extensive independent PCI audit and received a Record of Compliance, we give merchants the freedom to deploy fully customizable purchase experiences wherever, whenever, and on whatever devices their customers want to transact,” said Oren Michels, CEO and Co-Founder of Mashery. “And we remove a major piece of the merchants' compliance burden, speeding time-to-market by allowing them to launch fully PCI compliant commerce APIs immediately. Unlike so-called PCI-ready API management solutions, which purport to be PCI compliant simply because they run in a PCI certified data center, Mashery Distributed Commerce lets compliance officers rest easy knowing their entire API management infrastructure has already passed a PCI audit.”
Mashery Distributed Commerce provides companies with the ability to:
• Securely offer purchases and financial transactions through any app, on any device, and in any context—including those developed and/or distributed by third parties, strategic partners, or social networks.
• Empower affiliates to accept transactions directly without forcing users to leave a site just to complete a purchase.
• Create flexible, personalized transaction touch points for customers across multiple shopping experiences without having companies incur additional PCI liability—setting compliance officers at ease.
• Exchange B2B financial transaction and purchase data with strategic partners via APIs.
• Designate APIs that carry sensitive data, triggering enhanced security measures such as Secure Sockets Layer (SSL) transmission and more stringent developer access control.
• Easily configure OAuth 1.0 or 2.0 (two-legged or three-legged) authentication for purchases where payment account information is on file.
For more information about Mashery’s new Distributed Commerce service, please visit http://www.mashery.com/solution/commerce.
*Cisco Systems, Inc., International CTIA WIRELESS® 2010 Keynote Address, March 2010