RSA outlines secure card payment services
RSA, the Security Division of EMC, has released a new security brief on how advanced security technologies can be combined with emerging outsourced services to relieve merchants of the growing burden of storing electronic payment card information.
Experts from companies including RSA, First Data Corporation and Visa have urged merchants to rethink how they manage card data, asserting that they can gain better business insight and value without having to keep card numbers at all. When it comes to maintaining credit card data, merchants face increasing challenges as IT demands expand, PCI requirements escalate and credit card thieves grow more sophisticated.
Within this environment, the new RSA Security Brief introduces a model for outsourcing credit card data security called "secure payment services." Secure payment services transfer safeguarding card information to outside service providers, improving electronic card data security while simultaneously reducing the time, complexity and cost of achieving PCI compliance for merchants.
"The benefits of secure payment services can be significant. We believe many merchants will move to an outsourced services model by 2015," said Craig Tieken, Vice President, Merchant Product Management, First Data. "As the merchant responsibilities associated with storing payment card data continue to increase, these new centralized repositories allow merchants to preserve all the marketing and operational advantages of tracking card information while transferring a large portion of the risk by removing the card numbers from the merchant s card environment. This shift will create a new industry standard for securely processing credit, debt and other payment card transactions."
RSA’s new Security Brief also outlines how next-generation payment processing services take advantage of end-to-end data encryption and a newer technology called ‘tokenization.’ "Secure payment services based on encryption and tokenization will radically transform how most merchants handle payment card data," explained Sam Curry, Chief Technologist at RSA.
Data encryption obscures card numbers by scrambling them in a reversible format. Tokenization replaces card numbers altogether with safe proxies that cannot be fraudulently used for purchases, but still allow merchants to track and analyze the customer purchasing behaviors associated with each payment card. The security brief describes a model for using end-to-end encryption and tokenization together to render card numbers unusable when intercepted by thieves.
- Malware Targeting Linux On The Rise, Shows Study
- Cloud or On-Premise Security: Striking A Balance for Optimal Protection
- Weekly Rewind: Top 10 Stories On CXOToday (Jun 19-24)
- Refiners Still Reluctant To Invest In Digital Tech: Study
- India Now Has 50K Positions Open For Analytics Jobs: Study
- BlackBerry’s ‘Enterprise of Things’ To Enhance How We Work
- Indian Firms May Lose Rs 11 Cr To Data Breaches This Year: IBM
- CRM To Get Smarter With Artificial Intelligence
- Banks Should Prop Up IT To Avoid GST Challenges
- Weekly Rewind: Top 10 Stories On CXOToday (Jun 12-16)