September 17, 2008
Shift4 Corporation Releases Tokenization in Depth White Paper
Las Vegas, NV, September 17, 2008 ? Shift4 Corporation, a leading developer of enterprise payment solutions, today released a WHITEPAPER detailing Tokenization and its advantages over encryption for protecting Cardholder Data (CHD). This free resource focuses on the benefits of Tokenization for the storage of CHD compared to encryption and describes in simple terms Shift4’s 4Go® products as a tool for Payment Card Industry Data Security Standard (PCI DSS) compliance.
“Understanding the rules, regulations, and requirements to achieve PCI compliance can prove to be very difficult and place a heavy burden on an organization. Shift4 is proud to release an informative WHITEPAPER on how merchants and payment application vendors can enjoy secure payment processing without investing a lot of time, money, or resources,” stated Randy Carr.
PCI-DSS version 1.1 contains 12 requirements to help organizations protect customer account data. Each requirement is listed on the PCI Security Standards Council website at www.pcisecuritystandards.org. PCI is intended to be the “minimum” requirements for protecting CHD and is an ongoing process that impacts an entire organization.
“Tokenization in Depth will help ease the PCI pain with a less expensive strategy for compliance. Tokenization reduces the cost of developing and implementing need-to-know access levels, data usage monitoring and reporting to the POS application, and helps merchants define user access policies as required by PCI DSS,” stated Steve Sommers, Senior Vice President, Application Development, Shift4 Corporation.
Tokenization is not encryption and a token is not encrypted CHD. Tokenization is the concept of using a non-decryptable piece of data to represent by reference sensitive or secret data. A token is used to initiate payment requests or updates of an already existing payment transaction. In PCI context, tokens are used to reference cardholder data that is stored in a separate database, application, or offsite secure facility.
“The best way to secure credit card information is to not store the data at all, which is the theory behind Tokenization. Tokenization in Depth is a good resource for merchants to focus on security rather than spending hundreds-of-thousands of dollars to upgrade their systems for compliance,” stated Dave Oder, President and CEO, Shift4 Corporation.
Tokenization technology can be implemented and installed easily for current and legacy applications so that the point-of-sale (POS) or property management system (PMS) applications do not store cardholder information. Shift4’s WHITEPAPER provides a comprehensive description of Tokenization that will proactively change the way merchant’s process payment cards.
To receive Shift4’s Tokenization in Depth WHITEPAPER, contact our sales department at (702) 597-2480 and select option 3.