IT Management

Dec 17 ’12

With a large and ever-increasing quantity of adults ready to shop online or in-store, credit card in hand, retailers must equip themselves to process millions of payments in a manner that meets Payment Card Industry Data Security Standard (PCI-DSS) policies.

“There are more than 200 million active credit cards in circulation in the U.S. alone,” says Vishal Jain, analyst, Mobile Technologies, the 451 Group.

IBM outfits retailers with state-of-the-art IT infrastructure, including System z mainframes, z/OS, and IBM middleware and software, that speed and secure transactions while increasing efficiencies and lowering costs.

Supporting Technologies

“Depending on the design of the payment card processing application, various IBM software may be involved,” says Todd W. Arnold, senior technical staff member, IBM Cryptographic Coprocessor Development. The IBM mainframe with z/OS is the bedrock of the payment processing solution.

An intelligent, well-defined transaction processor, the IBM z10 Business Class (BC) mainframe is a centralized system with robust logging and controls. With the z10 BC, tasks run as individualized, independent resources, each with its own pre-defined hierarchies. These features rein in system errors, ease management, and enable administrators to see and control what each task is doing.

With up to 96 physical chip cores that enable hardware scaling, the z10 BC scales more simply and cost-effectively than x86 systems, which require additional blade servers to scale payment card transaction processing. The z10 BC uses IBM’s parallel sysplex capabilities to scale the payment system software without having to partition the DB2 10 for z/OS database.

The parallel sysplex connects large numbers of processors and operating systems to achieve scaling. On the sysplex, IBM’s DB2 10 scales up to process increasing numbers of transactions while running on large single images, so the retailer doesn’t have to run multiple applications on different images. The DB2 Query Optimizer adds to the transaction processing speed by enabling faster queries.

Applications on the z10 BC must intercommunicate. Versions 5 and 6 of IBM’s WebSphere MQ software let two or more nodes talk to each other and provide messaging transport inside the mainframe during payment processing. Using WebSphere MQ, a form of messaging-oriented middleware, programs move payloads and messages between each other with guaranteed delivery.

To guarantee delivery, the sending node waits for a receipt confirmation from the receiving node. If the communication link between the two breaks, the sender saves the message and resends after the communication link re-establishes itself.

Securing the Process

The PCI-DSS security requirements are twofold. First, the PCI standard requires secure networks for payment processing. To meet this requirement, the System z memory architecture limits application access to the mainframe’s memory so that one application can’t act on data or processes reserved for another. Another key component is Resource Access Control Facility (RACF), IBM’s user identification, authentication, and authorization software.

2 Pages