Simplifying electronic payments with tokenization

Bill360 was looking for a way to help improve the collection process for B2B companies, which has historically been handled via outdated systems. Most importantly, they wanted to make it easy for businesses to accept credit card payments. Chris Arnold, CTO at Bill360, knew this would mean handling sensitive credit card data and increasing their PCI scope. Chris had plenty of experience with PCI compliance audits and knew that there were better approaches than storing credit card information in their own environment.

Implementing IXOPAY for this information significantly reduced the time Bill360 spends on its PCI audit. “We’re currently going through our [PCI] recertification process; the first time took several months, and now it only takes about 6 weeks.” This savings means that the Bill360 team can focus instead on key priorities, like internal controls and policies, working on their security layers, and spending more time on their perimeter security instead.

On top of looking for a solution that could help Bill360 with reducing their PCI scope, they needed a solution that had proven uptime and availability to keep their payments flow effortless.

When searching for a way to accept credit card data while reducing the scope of their PCI audits, Bill360 vetted multiple tokenization solutions. They ultimately settled on IXOPAY due to the reliability of the solution. “We haven’t run into any problems with uptime and availability with IXOPAY”, Chris stated when speaking about his experience so far. 

Since IXOPAY sits in the payments flow for Bill360, having a system with reliable uptime and availability meant a smoother customer experience and fulfilling the goal of aiding customers with growing their business. Not only that, but Chris appreciated the ability to directly integrate with Fiserv, which sped up their time to market and simplified their entire process.

Bill360 uses the hosted iFrame and Transparent Gateway within Universal Tokens to remove customer data from their environment and tokenize both credit card and ACH information. Bill360 can collect payment information directly on their app via the iFrame, with the sensitive card data sent directly to IXOPAY to be stored. In return, IXOPAY sends Bill360 a token to store in their system, keeping sensitive information out of Bill360’s internal environment.

With the Transparent Gateway, Bill360 can seamlessly integrate with their payment processor. When Bill360 wants to use the provided payment information, they send the token back to IXOPAY, who then uses the Transparent Gateway to process the payment with their payment processor. “With IXOPAY, we’re able to not only accept credit card and bank account data for our clients, but we’re also able to customize it to work for our business model.” By not handling the payment information directly in their environment, Bill360 is able to significantly reduce their PCI scope and audit complexity.