Advertisement

White Paper: Where the PCI Council Got It Wrong on Tokenization

Dec. 19, 2011

Prime Factors, a Eugene, Ore.-based data security company, recently responded to the August publication of the PCI DSS Tokenization Guide with a white paper of its own that attempted to address what it calls the shortcomings of the PCI document. Tokenization Guidance: How to Reduce PCI Compliance Costs, licensed by Prime Factors and completed by research firm Securosis, said the PCI Tokenization Guidance doesn’t answer the central question it purports to examine: How does tokenization alter PCI compliance? “They released ‘guidelines’ which are lacking in guidance,” the authors said. Prime Factors said the paper helps the merchants determine what is in or out of scope and provides audit advice and a tokenization audit checklist for how PCI requirements apply to systems that use tokenization. “Given that tokenization offers better security, simplifies data storage security, and makes audits easier, it’s baffling that the [PCI] Council failed to offer clear advice that would encourage adoption,” the paper concluded. “Discovering what’s missing from the official guidelines—usually only discovered after purchasing a product and coming to grips with how it really works—is no recipe for success. To request a copy of the white paper click here.



Advertisement


  • Samsung Launches Samsung Pay - March 5, 2015
    Samsung Launches Samsung Pay

    Samsung this week launched its in-store mobile payment solution that looks and sounds a lot like Apple Pay, but its inclusion of technology from its new acquisition LoopPay may give it the edge in the short term.

  • Report: West Virginia Hospitable for CNP Fraudsters - March 2, 2015
    Report: West Virginia Hospitable 

for CNP Fraudsters

    In a state-by-state comparison in the U.S., a new report found West Virginia topped the list for the highest percentage of residents who had been victimized by fraud and for the state with the most fake IP addresses used by fraudsters to perpetrate card-not-present fraud.

  • Uber Confirms Driver Database Hacked - March 2, 2015
    Uber Confirms Driver Database Hacked

    On Friday, Uber acknowledged a data security breach that affected 50,000 of its drivers and said in it had become aware of the breach in September of 2014 and that the intrusion itself occurred on May 13, 2014.

  • ACI to Keep and Develop ReD Shield - Feb. 5, 2015
    ACI to Keep and Develop ReD Shield

    Florida-based processor ACI Worldwide this week said it has "confirmed its commitment" to the continuing development of the antifraud technology it inherited in its August acquisition of software provider ReD.

  • Cook: 2015 'Year of Apple Pay' - Feb. 2, 2015
    Cook: 2015 ‘Year of Apple Pay’

    Apple CEO Tim Cook said Apple Pay now accounts for more than two thirds of all dollars spent on in-store contactless payments across the three biggest U.S. card networks and called 2015 "the year of Apple Pay

Advertisement

 

 

Sign Up Today Free

Receive the twice weekly CNP Report and monthly feature articles providing in-depth examinations of global CNP issues.

Please take a moment and register.
* First Name:

* Last Name:

* Password:

* Confirm Pwd:

* Email:

* Category:

Company:

 
Captcha
Answer:

 

 

CNP Archive

Researching companies or people in the CNP industry? Search our past coverage for targeted news and information.

Search here