Data Security

Protect your constituents and your nonprofit from costly credit card fraud.

Mitigate fraud and prevent losses with Blackbaud Merchant Services™.

High-impact organizations rely on Blackbaud Merchant Services Data Security for their secure payment gateway.
Read these stories and more in our customer story showcase.

Built-in and Configurable Fraud Management Tools

Blackbaud Merchant Services includes fraud management settings that can be configured to check for:

  • Card Security Code (CSC)
  • Address Verification System (AVS)
  • Three-Domain Secure (3DS) Authorization

In addition, Blackbaud's Compliance Team continuously monitors your account and proactively contacts you when payment card fraud is suspected, helping your organization avoid costly chargebacks.

And since Blackbaud Merchant Services is integrated with other Blackbaud solutions, you can take advantage of the fraud-prevention features available in those systems, such as CAPTCHA and reCAPTCHA. You can also take advantage of Blackbaud's expertise and relationships with security organizations, including the Internet Crime Complaint Center (IC3).

Online Credit Card Fraud

For nonprofits that experience fraud or a significant number of suspect transactions, Blackbaud automatically enables a service specifically for card-not-present online transactions. This service generates a score based on the likelihood that credit card transactions are fraudulent. Transactions are screened based on anonymous proxies, bank identification number (BIN) or issuer identification number (IIN), high-risk countries, and account velocity.

Constituent Data Encryption and Protection

Blackbaud has been validated as a Level 1 service provider and payment gateway by the PCI Security Standards Council, having met the industry’s most stringent data security requirements. The Blackbaud Merchant Services payment gateway, known as the Blackbaud Vault, encrypts and tokenizes your constituents’ credit card data – including vaulting card data for recurring donations or payments, removing your risk of storing this sensitive information. It also automatically blocks transactions based on Internet protocol (IP) address and blacklisted credit cards.

Point-to-Point Encryption (P2PE)

Blackbaud partners with Bluefin to provide a PCI-validated P2PE solution for Blackbaud Merchant Services customers, significantly limiting your organization’s annual PCI assessment. Available to Blackbaud CRM and Blackbaud Raiser’s Edge NXT users, this solution encrypts cardholder data at the point of interaction in a PCI-approved ID Tech SREDKey P2PE device and decryption is done off-site in an approved hardware security module. The solution prevents clear-text cardholder data from being present in your organization’s system or network where it could be accessible in the event of a data breach.

Request more information

Ready to learn more?

Contact us today to learn more about Data Security with Blackbaud Merchant Services.

Contact Us