It’s the start of a New Year and, naturally, businesses begin prioritizing projects. “What can we accomplish this year? What projects can we take on that will deliver the most bang for the buck.” Each division jockeys for position and vies for scarce time and resources.
The single most important business decision merchants can make this year centers on data security. All the hard work your teams put in every day is rendered useless in the event of a data breach. Progress stops and all attention shifts toward survival.
How are you securing your data? Better yet, where is it?
When evaluating whether you are confident in your data security strategy, begin by looking at where your data resides. Start scratching the surface and you might find private cardholder information in unusual places, such as marketing and even human resources. Merchants can greatly reduce exposure and expenses by eliminating the data from their environment and rely on a third-party vendor to secure the information. This becomes a strong foundation for protecting their brand and reputation.
TC SMART Products® encrypt, secure, and warehouse your cardholder data using E2EE and tokenization.
Tokenization replaces sensitive cardholder information with unique identification symbols that retain the necessary information in a meaningless format to hackers. In a payment card transaction, a token typically consists of alphanumeric characters that represent cardholder data specific to the transaction in progress and contains only the last four digits of the card number. When an authorization request is made to verify the transaction, the card number is used only in the initial request. The token is returned to the requester instead of the card number along with approval or rejection of the transaction. The merchant can access the token for recurring payments but the credit-card number is stored in TrustCommerce’s PCI compliant data storage service.
In support of tokenization, Visa has released a paper discussing best practice recommendations. You may read the full document here: http://usa.visa.com/download/merchants/tokenization_best_practices.pdf
End-to-end Encryption refers to a complete protection of data that flows between two points in a network, in which the data is encrypted when it leaves its source, leaving it encrypted while it passes through any intermediate computers (such as routers), and decrypting only when the data arrives at the intended destination.
In a recent Aite Group report, “Card Fraud in the United States: The Case for Encryption,” they determined end to end encryption would have the greatest impact on reducing fraud. “We estimate that a national E2EE deployment would cut 90% of card-not-present and counterfeit cards in the United States.”
As the pioneer of these technologies since 2001, TrustCommerce payment processing solutions are proud to have led the way in innovation by leveraging tokenization and E2EE. TrustCommerce created the security needed for the industry, before most addressed such concerns. This powerful combination, in conjunction with other secure technologies, allows merchants to defer much of the cost, risk, and threat, involved in handling sensitive cardholder information. Our leading solutions include:
TC POS Vault uses industry proven key injection management and encryption technologies to quickly and safely process transactions from the customer swipe. This solution also mitigates card-not-present browser cache vulnerabilities.
TC Citadel is a powerful e-billing application designed for recurring, installment, subscription and utility payments. TC Citadel securely stores cardholder payment information and privacy data within the TrustCommerce data storage service. Merchants exchange credit card numbers and other privacy data elements for TrustCommerce issued Billing IDs.
Affordable and easy to integrate secure solutions
You may perceive that implementing a data security solution is expensive and as resource intensive as maintaining PCI compliance. Fortunately, making a large stride toward stronger data security can be done rather easily (and lessen your PCI compliance burden). TrustCommerce payment processing solutions leverage these powerful technologies and can be implemented quickly. The TrustCommerce professional services team can also develop custom integrations for merchants with unique environments or needs.
So, as you tackle your business’s “To-Do” list this year, place data security at the top. Then, feel that sense of accomplishment when you can quickly mark it complete.