This paper explores the use of tokenization as a best practice in improving the security of credit card transactions, while at the same time minimizing the headaches and angst associated with PCI DSS compliance.
Tune in to this Tokenization webcast where we'll discuss the business drivers behind tokenization, exactly what 'tokenization' is, some best practices for a successful implementation, and lastly, a customer example of tokenization used to reduce the PCI DSS audit scope.
Engagement with customers online has evolved from novelty to necessity, with an estimated $202 billion spent in 2011 and projected 10% growth to $327 billion in 2016, according to Forrester Research. Businesses are maneuvering to connect with the growing pool of online customers, but the move to eCommerce brings new security risks with the exchange of sensitive consumer information, including cardholder data and personally identifiable information that can enable identity theft. At stake is reputation of brand, ongoing access to merchant credit lines, and substantial penalties and remediation in the event of a breach.
This white paper elucidates the aspects of PCI DSS (Payment Card Industry Data Security Standards) compliance that must be considered when choosing a secure environment for servers involved in eCommerce. Whether deciding to outsource or keep data hosting in-house, any company collecting, storing or transmitting customer cardholder data needs to be compliant, and this document helps pinpoint the specific concerns and standards a company should be aware of when choosing how to keep their data secure. Understanding requirements and best practices for security policies and procedures, physical safeguards, and security technologies is essential to establishing cardholder data security and meeting QSA and SAQ audit requirements.
Credit Union Times is the nation's leading independent source for breaking news and analysis for credit union leaders. For more than 20 years, Credit Union Times has set the standard for editorial excellence and ethical, straight-forward reporting.