The Encryption Imperative: Card Payments, PCI and Protecting Cardholder Data

A Mercator Advisory Group Research Brief Sponsored by TNS and VeriFone

This new white paper from Mercator, sponsored by TNS and VeriFone, discusses key industry topics including:

  • Reducing PCI compliance costs
  • Removing cardholder data from your payments network
  • Benefits of adopting encryption solutions

Introduction

For merchants, data breach risk is very real. But a successful hack attack is just a possibility. As sure as taxes, PCI compliance costs are certainties. Compliance is a costly treadmill, requiring periodic system updates to meet the requirements of the expanding set of PCI compliance rules.

While it is impossible to ever get off the treadmill—merchants are entirely responsible for their PCI compliance—there are techniques to reduce both the level of compliance effort and security exposure. Payment card data encryption is a particularly potent tool. By taking the two-pronged approach of encrypting payment card data when it enters the payment system—at the moment it is swiped—and replacing all stored card data with new proxy values, the merchant is able to “de-scope” a significant portion of its IT infrastructure. If there aren’t any card numbers on the merchant’s systems, PCI compliance requirements get much simpler.

