Advertisement

White Paper: Where the PCI Council Got It Wrong on Tokenization

Dec. 19, 2011

Prime Factors, a Eugene, Ore.-based data security company, recently responded to the August publication of the PCI DSS Tokenization Guide with a white paper of its own that attempted to address what it calls the shortcomings of the PCI document. Tokenization Guidance: How to Reduce PCI Compliance Costs, licensed by Prime Factors and completed by research firm Securosis, said the PCI Tokenization Guidance doesn’t answer the central question it purports to examine: How does tokenization alter PCI compliance? “They released ‘guidelines’ which are lacking in guidance,” the authors said. Prime Factors said the paper helps the merchants determine what is in or out of scope and provides audit advice and a tokenization audit checklist for how PCI requirements apply to systems that use tokenization. “Given that tokenization offers better security, simplifies data storage security, and makes audits easier, it’s baffling that the [PCI] Council failed to offer clear advice that would encourage adoption,” the paper concluded. “Discovering what’s missing from the official guidelines—usually only discovered after purchasing a product and coming to grips with how it really works—is no recipe for success. To request a copy of the white paper click here.



Advertisement


  • Kmart Latest Breach Victim - Oct. 14, 2014

    Kmart Latest Breach VictimAfter a brief respite as the main target of hackers, a major retailer is in the news after experiencing a breach of its network security. Sears Holdings on Friday acknowledged the POS systems at an unknown number of Kmart stores have been compromised.

  • Two Companies, One Video? - Oct. 14, 2014

    Two Companies, One Video?Two startups trying to change the way consumers use payment cards launched with eerily similar marketing videos. CardNotPresent.com got to the bottom of the mystery.

  • MasterCard Mining Facebook In The Outback - Oct. 9, 2014

    MasterCard Mining Facebook In The OutbackMasterCard and Facebook have signed a two-year agreement in Australia that will give MasterCard access to anonymized Facebook user data the payment network will then offer to its financial institution clients to use for marketing purposes, according to published reports.

  • JP Morgan Chase Breach Could Be Largest Ever - Oct. 6, 2014
    JP Morgan Chase Breach Could Be Largest EverJP Morgan Chase, one of the largest financial institutions in the world and the largest issuer of credit cards in the U.S., disclosed in a securities filing on Thursday that its systems were hacked last summer potentially compromising the accounts of 76 million individuals and seven million businesses.
  • eBay Spins Off PayPal - Oct. 2, 2014
    eBay Spins Off PayPalOn Tuesday, eBay formally announced a move that had been expected, and agitated for by activist shareholders, for some time: PayPal will be spun off as its own independent, publicly traded company during the second half of 2015.
  • Fifth Third Launches Payments Division - Sept. 29, 2014

    Fifth Third Launches Payments DivisionCincinnati-based regional bank Fifth Third Bank, several years after spinning off its processing arm into the company that would become acquirer Vantiv, has thrown its hat back into the payments ring with the formation of a new Payments and Commerce Solutions division.

  • PayPal Opens Door to Bitcoin for Digital Merchants - Sept. 25, 2014

    PayPal Opens Door to Bitcoin for Digital MerchantsPayPal signed agreements with digital-currency processors BitPay, Coinbase and GoCoin so that PayPal merchants that sell digital goods can accept Bitcoin and process the transactions through one of those providers by integrating to them through the PayPal Payments Hub.

  • Home Depot Confirms Extent of Breach - Sept. 22, 2014
    Home Depot Confirms Extent of BreachOn Thursday, Atlanta-based do-it-yourself hardware chain Home Depot confirmed that the data breach it acknowledged on Sept. 8, which was first reported by security blogger Brian Krebs on Sept. 2, exposed the information of 56 million unique payment cards, officially making it the largest retail card breach ever reported, according to multiple sources.
  • Zooz Customers Tap into China with Alipay - Sept. 18, 2014
    Zooz Customers Tap into China with AlipayZooz, an Israeli payment service provider serving large enterprises, yesterday said it reached an agreement with Chinese online payment method Alipay that will enable its merchant clients to accept payments from Alipay's 300 million account holders.
  • Feedzai Partners with Azul for Faster Decisioning - Sept. 11, 2014

    Feedzai Partners with Azul for Faster DecisioningFeedzai, a Big-Data analytics company that provides antifraud technology, yesterday said it has partnered with Azul Systems to juice up its real-time data analysis enabling the company's solution to take more data into account when deciding if online transactions are fraudulent.

  • MCX Launches Long-Awaited Mobile Payment Pilots - Sept. 4, 2014
    MCX Launches Long-Awaited Mobile Payment Pilots MCX, the merchant-backed mobile payment solution that was announced about two years ago and has been shrouded in secrecy since, yesterday announced its mobile wallet and app would be available in several pilots over the rest of 2014 and roll out nationally in 2015.
  • Jumio, IDology Partner for Simpler ID Verification - Sept. 2, 2014
    Jumio, IDology Partner for Simpler ID VerificationJumio, a Silicon Valley-based online and mobile credentials management company, and identity-verification technology provider IDology, late last week unveiled a partnership that will enable companies to use government-issued photo IDs for verification purposes in card-not-present environments.

Advertisement

 

 

Sign Up Today Free

Receive the twice weekly CNP Report and monthly feature articles providing in-depth examinations of global CNP issues.

Please take a moment and register.
* First Name:

* Last Name:

* Password:

* Confirm Pwd:

* Email:

* Category:

Company:

 
Captcha
Answer:

 

 

CNP Archive

Researching companies or people in the CNP industry? Search our past coverage for targeted news and information.

Search here