Data Security

Protect your constituents and your non-profit from costly credit card fraud.

High-impact organisations choose Blackbaud.
Read these stories and more in our customer story showcase.

Mitigate fraud and prevent losses with Blackbaud Merchant Services

Built-in and Configurable Fraud Management Tools

Blackbaud Merchant Services solution includes fraud management settings that can be configured to check for:

  • Card Security Code (CSC)
  • Address Verification System (AVS)
  • Three-Domain Secure (3DS) Authorization

In addition, our Compliance Team continuously monitors your account and proactively contacts you when payment card fraud is suspected. We also notify you of suspect transactions, helping your organisation avoid costly chargebacks.

And since Blackbaud Merchant Services is integrated with other Blackbaud solutions, you can take advantage of the fraud-prevention features available in those systems, such as CAPTCHA and reCAPTCHA. You can also take advantage of our team’s expertise and relationships with organisations including the Internet Crime Complaint Center (IC3).

Online Credit Card Fraud

For nonprofits that experience fraud or a significant number of suspect transactions, Blackbaud automatically enables a service specifically for card-not-present online transactions. This service generates a score based on the likelihood that credit card transactions are fraudulent. Transactions are screened based on anonymous proxies, bank identification number (BIN) or issuer identification number (IIN), high-risk countries, and account velocity.

Constituent Data Encryption

Blackbaud has been validated as a Level 1 service provider and payment gateway by the PCI Security Standards Council, having met the industry’s most stringent data security requirements. The Blackbaud Merchant Services payment gateway, known as the Blackbaud Vault, encrypts and and creates tokens for your constituents’ credit card data – including card data for recurring donations or payments, removing your risk of storing this sensitive information. It also automatically blocks transactions based on Internet protocol (IP) address and blacklisted credit cards.

Point-to-Point Encryption (P2PE)

Blackbaud partners with Bluefin to provide a PCI-validated P2PE solution for Blackbaud Merchant Services customers, significantly limiting your organisation’s annual PCI assessment. Available to Blackbaud CRM and Blackbaud Raiser’s Edge NXT users, this solution encrypts cardholder data at the point of interaction in a PCI-approved ID Tech SREDKey P2PE device and decryption is done off-site in an approved hardware security module. The solution prevents clear-text cardholder data from being present in your organisation’s system or network where it could be accessible in the event of a data breach.

Ready to learn more?

Contact us today to learn more about Data Security in Blackbaud Merchant Services.


Contact us