Many leading retailers and financial services are turning to two technologies, point-to-point encryption (P2PE) and tokenization, to help keep clear-text customer data from being anywhere on the network. Combining P2PE and tokenization creates a security powerhouse, recommends David Close, chief solutions architect at Futurex, as he explains in his latest article in The Green Sheet. Using both minimizes the risk of exposing customer data by storing it in a tokenized format and protecting it at every point of the interaction.
With P2PE, data is encrypted at the initial point of capture, decrypted within the secure boundary of a hardware security module (HSM), and re-encrypted using a transfer key for payment validation by the processor. Customer data remains encrypted throughout the entire payment process, reducing the exposure of data.
Tokenization substitutes a representation for the data, using cryptographically generated substitute characters as placeholder data to preserve the data format. The token is linked to that specific cardholder account and, by itself, has no intrinsic value. The adoption of tokenization in this industry has ushered in substantial increases in security and an overall reduction in compliance costs for organizations around the world. In his article, David outlines the differences between vaulted tokenization and vaultless tokenization.
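The vaulted variant of the tokenization described above can be sketched as follows. This is an added example, not code from the article or from Futurex; the `TokenVault` class, its in-memory dictionaries (standing in for a protected vault) and the sample card number are assumptions made for illustration.

```python
import secrets

# Constructed sample input: a widely used test card number, not real data.
SAMPLE_PAN = "4111111111111111"


class TokenVault:
    """Hypothetical in-memory vault mapping card numbers to random tokens."""

    def __init__(self):
        self._token_by_pan = {}
        self._pan_by_token = {}

    def tokenize(self, pan: str) -> str:
        if not (pan.isascii() and pan.isdigit() and 12 <= len(pan) <= 19):
            raise ValueError("PAN must be 12-19 ASCII digits")
        # The token is linked to one account: the same PAN yields the same token.
        existing = self._token_by_pan.get(pan)
        if existing is not None:
            return existing
        while True:
            # Random digits from the OS CSPRNG, same length and character set
            # as the input, so downstream systems see an unchanged data format.
            token = "".join(secrets.choice("0123456789") for _ in pan)
            # Reject a token that equals the PAN, collides with an issued
            # token, or happens to equal another PAN already in the vault.
            if (token != pan
                    and token not in self._pan_by_token
                    and token not in self._token_by_pan):
                break
        self._token_by_pan[pan] = token
        self._pan_by_token[token] = pan
        return token

    def detokenize(self, token: str) -> str:
        # Only the vault can reverse a token; it carries no information itself.
        if token not in self._pan_by_token:
            raise KeyError("unknown token")
        return self._pan_by_token[token]


if __name__ == "__main__":
    vault = TokenVault()
    tok = vault.tokenize(SAMPLE_PAN)
    print("token:", tok, "round trip ok:", vault.detokenize(tok) == SAMPLE_PAN)
```

Because the token is random rather than derived from the card number, a stolen token is useless without access to the vault, which is why the vault itself becomes the component to protect.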
Read about financial services organizations’ security best practices for managing and securing the billions of transactions that take place each and every day.