merchants developers/integrators acquiring partners sales kit TranScend™   SmartVault™   SystemSentry™   FlexPort™   CoreDynamics™   ProAct Admin™ On-line Registration SmartVault™ - The Cornerstone of TransCend™. TranScend™, formerly SuperCharge Gold, was awarded the Payment Application Best Practice Certification in accordance with PCI (Payment Card Industry) standards. Simply put, this means a merchant using TranScend™ would not be prohibited from meeting PCI requirements when implemented into a secure environment, in accordance with industry best practices. To accomplish this task, the design team developed a sub-system or series of components that are focused on every aspect of security including the protection of stored data, the protection of moving data (internally and externally), user/function level security and protection from programmatic attacks from both internal and external sources. This subsystem is called SmartVault ™ and is comprised of the following components. Session Level Security – all communications between any TranScend™ components are encrypted. This prevents malicious attempts of unauthorized communications with the TranScend™ application. Data Storage Security – all payment transaction pertinent data is encrypted prior to be stored in the database thus preventing both internal and external sources from unencrypted views of sensitive data. Allowable IP Addresses – access to the TranScend™ application is controlled through a user controlled, allowable IP address table. Only IP addresses established in the table will have access to the application and logs are generated that track activity, multiple IP violations, etc. User Security – all users are prompted to use and maintain complex passwords (composed of both numbers and letters) which control access to allowable functions (transactions, reporting, inquiry, etc.), data access (merchant specific, transaction type specific, etc.) and allowable roles ( a user may have access to transactions but may not perform a specific transaction type, eg. Mary can access the inquiry screen but she’s not allowed to credit a charge from the list of transactions.) Strict Message Validation – every software component in the system uses a series of checks to validate both the data and communication streams when corresponding with one another.  If either stream is not valid, the communication session ends and logs the incident.