Data Security

Protect your constituents and your nonprofit from costly credit card fraud.

High-impact organizations choose Blackbaud. Explore their stories.
Read these stories and more in our customer story showcase.

Mitigate fraud and prevent losses with Blackbaud Merchant Services

Built-in and Configurable Fraud Management Tools

Blackbaud Merchant Services includes fraud management settings that can be configured to check for:

  • Card Security Code (CSC)
  • Address Verification System (AVS)
  • Three-Domain Secure (3DS) Authorization

In addition, our Compliance Team continuously monitors your account and proactively contacts you when payment card fraud is suspected. We also notify you of suspect transactions, helping your organization avoid costly chargebacks.

And since Blackbaud Merchant Services is integrated with other Blackbaud solutions, you can take advantage of the fraud-prevention features available in those systems, such as CAPTCHA and reCAPTCHA. You can also take advantage of our team’s expertise and relationships with organizations including the Internet Crime Complaint Center (IC3)

Premium Fraud Management Service

For nonprofits that experience fraud or a significant number of suspect transactions, Blackbaud provides a value-added service specifically for card-not-present (online) transactions. This service—available for a nominal per-transaction fee—generates a score based on the likelihood that credit card transactions are fraudulent. Transactions are screened based on anonymous proxies, bank identification number (BIN) or issuer identification number (IIN), high-risk countries, and account velocity. And you can subscribe or unsubscribe to the service as needed.

Constituent Data Encryption

Blackbaud has been validated as a Level 1 service provider and payment gateway by the PCI Security Standards Council, having met the industry’s most stringent data security requirements. The Blackbaud Merchant Services payment gateway, known as the Blackbaud Vault, encrypts and tokenizes your constituents’ credit card data – including vaulting card data for recurring donations or payments, removing your risk of storing this sensitive information. It also automatically blocks transactions based on Internet protocol (IP) address and blacklisted credit cards.

Point-to-Point Encryption (P2PE)

Blackbaud partners with Bluefin to provide a PCI-validated P2PE solution for Blackbaud CRM users processing payments with Blackbaud Merchant Services, significantly limiting your organization’s annual PCI assessment. The solution encrypts cardholder data at the point of interaction in a PCI-approved ID Tech SREDKey P2PE device and decryption is done off-site in an approved hardware security module. The solution prevents clear-text cardholder data from being present in your organization’s system or network where it could be accessible in the event of a data breach.

Request more information

Ready to learn more?

Contact us today to learn more about Data Security.

 

Contact us