Advertisement

White Paper: Where the PCI Council Got It Wrong on Tokenization

Dec. 19, 2011

Prime Factors, a Eugene, Ore.-based data security company, recently responded to the August publication of the PCI DSS Tokenization Guide with a white paper of its own that attempted to address what it calls the shortcomings of the PCI document. Tokenization Guidance: How to Reduce PCI Compliance Costs, licensed by Prime Factors and completed by research firm Securosis, said the PCI Tokenization Guidance doesn’t answer the central question it purports to examine: How does tokenization alter PCI compliance? “They released ‘guidelines’ which are lacking in guidance,” the authors said. Prime Factors said the paper helps the merchants determine what is in or out of scope and provides audit advice and a tokenization audit checklist for how PCI requirements apply to systems that use tokenization. “Given that tokenization offers better security, simplifies data storage security, and makes audits easier, it’s baffling that the [PCI] Council failed to offer clear advice that would encourage adoption,” the paper concluded. “Discovering what’s missing from the official guidelines—usually only discovered after purchasing a product and coming to grips with how it really works—is no recipe for success. To request a copy of the white paper click here.


  • CurrentC to Begin Consumer Testing Phase - July 30, 2015
    Current C to Begin Consumer Testing Phase

    MCX, the merchant-backed initiative developing a contactless mobile payment system to compete with Apple Pay and others, this week confirmed a Bloomberg News report that its CurrentC mobile solution is moving from an employee test into a limited pilot test phase with consumers.


Advertisement


  • PayItSimple Launches in UK - July 16, 2015
    PayItSimple Launches in UK

    PayItSimple USA, a company that enables consumers to tap the available credit on their credit cards to enable installment payments online, is launching its service in the U.K.

  • Data Breaches: Passwords and Baseball - June 18, 2015
    Data Breaches: Passwords and Baseball

    While the U.S. government continues to assess the damage done by the illegal intrusion of the networks of the Office of Personnel Management, two other hacks uncovered this week show the evolving nature of data breaches and the variety of information hackers are seeking.

  • Former NBA All Star Turns to CNP Fraud - June 1, 2015
    Former NBA All Star Turns to CNP Fraud

    Chris Gatling, a forward who played for eight different teams over an 11-year NBA career that included one All-Star Game appearance, was arrested in Scottsdale, Ariz. on Thursday and charged with fraud, aggravated identity theft and forgery.

Advertisement

 

 

Sign Up Today Free

Receive the twice weekly CNP Report and monthly feature articles providing in-depth examinations of global CNP issues.

Please take a moment and register.
* First Name:

* Last Name:

* Password:

* Confirm Pwd:

* Email:

* Category:

Company:

 
Captcha
Answer:

 

 

CNP Archive

Researching companies or people in the CNP industry? Search our past coverage for targeted news and information.

Search here