Managing Compliance
With businesses already burdened by a struggling economy, reducing PCI compliance management expenditure can be one way to cut costs. But, does saving money in this way come with reduced functionality and added risk of a data breach?
Contact
For more information on how TNS can help with stored card tokenization and hosted payment solutions, please contact us by filling in the form below.
Brad Templeton, Product Marketing Director of TNS Asia Pacific, offers insight on how businesses processing card-not-present or recurring transactions can save substantially on compliance costs, improve card data security, and reduce administration headaches by working with managed service providers such as TNS.
“Two ways that businesses can reduce PCI compliance costs are using stored card tokenization and hosted payment solutions,”
said Templeton. “Both help businesses save money while actually improving customer security.”
For businesses with recurring billing needs, such as telcos, utilities, insurance companies, or gyms, for example, stored card tokenization offers merchants the ability to remove credit card information from their own systems. Instead of storing actual credit card information, card data is replaced with a unique secure token. The actual credit card number is securely stored within the managed providers PCI certified environment and the merchant instead uses the token to process a payment.
Templeton continues: “For merchants with e-commerce websites, another way to minimize the scope of a PCI compliance audit is by using payment web pages hosted externally. Instead of hosting the final transaction page on your website, your final transaction page is hosted within a PCI certified, securely managed environment. The hosted payment webpage looks and feels like the merchant website but all credit card information is entered into a webpage securely hosted within the PCI certified network. The card data never appears in the merchant environment, so this again simplifies the compliance process.”
Both these solutions greatly minimize the risk of a card data breach and substantially reduce the scope and, therefore, cost of any PCI
compliance program for the merchant. This also reduces operational and capital expenditure costs associated with managing the merchants PCI environment, such as administrative overheads and infrastructure, as card data can be effectively removed from the merchant premise.
