Back To Top

Your Lowtax Account


Bermuda: E-Commerce

Payment Processing Facilities

First Atlantic Commerce (FAC), a Bermuda-based payment solutions provider, was established in 1998 to create secure card-based payment solutions for e-businesses.

The company provides powerful technology designed to work with most merchant platforms - a feature-rich payment system called cGate® -- offers service, flexibility and security to adapt to many business and bank acquirer requirements.

Designed for merchants with medium to high capacity transaction processing, cGate® is a high-speed and secure, platform-independent Internet payment gateway.

FAC provides a variety of processing methods including real-time, batch and MOTO. All methods can process sales, authorizations only, captures and refund or reversal transaction types.

Business solutions such as 3-D Secure™ Payer Authentication (Verified by VISA and MasterCard SecureCode™) for chargeback liability shift, Virtual Corporations and multi-currency, multi-jurisdictional, payment solutions are also available.

FAC offers international payment solutions in many jurisdictions across the Latin American Caribbean Region, Europe and Pan Asian Region.

Uniquely positioned to provide MasterCard® and Visa credit card processing across a wide-range of industries ranging from legal online pharmacies to VoIP companies, leading retailers, stored value card providers and travel-related businesses, all FAC solutions are for direct merchant accounts only with various partner banks around the world.

In October 2006, FAC announced further expansion of its network of referral companies, and is offering multi-currency residual income streams for applicable approved merchants in EUROs, USD, and Pounds Sterling.

In February, 2002, Bermuda introduced new Government regulations on how companies issue digital certificates for online transactions. Then Bermudian Telecommunications Minister Renee Webb said they: “represent a significant step forward in the development of e-business in Bermuda. They demonstrate to business internationally that we are a serious jurisdiction for sophisticated e-business”.

The Certification Service Providers (Relevant Criteria and Security Guidelines) Regulations 2002 follow the Electronic Transactions Act (ETA) 1999, and deal with the formation of electronic contracts and the validity of digital signatures. The voluntary CSP scheme allows certificate authorities to apply for Government recognition under the ETA.

The government has also created a Bermuda Commercial Digital Certification Authority.

Quo Vadis, a Bermuda-based digital certificate provider company, was the first company to seek CSP approval. Stephen Davidson, vice-president of marketing for Quo Vadis said: “While the ETA recognises that electronic signatures are legally binding, users may have to prove that the signature is valid unless it was created using an “accredited digital certificate”. Signatures from accredited certificates are automatically accepted as valid and binding.”

Mr. Davidson added: “Quo Vadis is excited to be the first CSP to be accredited by the Bermuda Government. We view this as an important step in the development of e-government and the legally binding use of electronic transactions,” he said.

Ms Webb said: “With the increasing important role that certificates are playing in e-business it is clearly vital that the businesses which issue certificates are competent, honest and technically up to the mark. It is for that reason I decided a scheme to assess their competence was required. The criteria used have been developed with businesses on the Island, but they also have been drawn up to be compatible with those used in other International schemes in both North America and Europe. I firmly believe this will be the first offshore CSP scheme to become recognised by the European Union.”

The Telecommunications Ministry makes a charge of USD10,000 per application for a CSP approval, in order to cover the costs of expert investigation of each applicant.

In April 2004, QuoVadis announced that it had been accepted into Microsoft's Root Certificate Program. This means that the firm's public root key will be distributed to all users of Microsoft's Windows operating system, allowing them to utilise digital certificates provided by QuoVadis for encryption, electronic signatures, and access control.

Explaining the reasoning behind the move, Microsoft's general manager in the West Indies and Bermuda, Rick Marcet observed that: "New regulations imposing cyber liability for executives, as well as growing demands for data protection, are driving wide adoption of digital certificates and other forms of security."

In October 2004 Quo Vadis revealed that it had been retained by the government of Bermuda to provide digital identity services as part of its ongoing e-Government Portal Project.

Apart from payment processing facilities offered by local hosting services utilising software and systems acquired from industry sources, or accessed via Applications Service Provider links, two of Bermuda's banks have entered partnerships to set up international payment processing solutions.

The Bank of Butterfield has teamed with a local e-commerce payment provider to offer e-commerce payment solutions for local and international merchants through a new company called Promisant. The new venture allows companies wishing to establish an offshore presence to process electronic transactions via the Internet, with Bank of Butterfield providing merchant accounts for businesses to receive on-line payments processed through Promisant's integrated payment solution. The service operates through the first internationally certified payment gateway to be established to First Data Corporation, the world's largest third party payment processor.

The Bank of Bermuda, meanwhile, partnered Bermuda-based First Ecom.com in providing the FEDS Payment Processing Solution. FEDS grants banks the authority to give their merchants access to the Processing Solution, which provides a wide range of new services for researching, retrieving and archiving the data associated with the transactions processed on behalf of the banks and their merchants. The Bank of Bermuda provides the card processing systems, staff, data processing center and other supporting features, including formal authorization and licenses with regard to the processing of credit card transactions by holders of VISA and MasterCard credit cards. First Ecom has established distributor relationships with local payment processing providers in many parts of the world.

In April, 2009, First Atlantic Commerce announced that it had once again achieved compliance with the 2009 Payment Card Industry – Data Security Standard (PCI –DSS).

The PCI Security Standards Council’s mission is to enhance payment account data security by driving education and awareness of the PCI Security Standards. The organization was founded by American Express, Discover Financial Services, JCB International, MasterCard Worldwide, and Visa, Inc.

The PCI DSS is a multi-faceted security standard that includes requirements for security management, policies, procedures, network architecture, software design and other critical protective measures.

It requires merchants and service providers that store, process or transmit customer payment card data to adhere to information security controls and processes that ensure data integrity.

FAC has been a PCI-certified payment gateway and solutions provider since 2005, and one of the first companies in the Latin American Caribbean Region to become fully certified. FAC is also certified for 3-D Secure MPI consumer authentication solutions in Europe, CEMEA and LAC Region.

 

 

Back to Bermuda Index »