NB: This is a guest post by Merchant Link, providers of security and support for credit card transaction and payment systems.
Day Five: Reducing the scope of PCI Compliance
Most merchants agree - when it comes to ensuring compliance with the PCI standards, there is a heavy burden to bear.
This burden is faced by any merchant who accepts payment by credit or debit card, regardless of the size, and there are very few ways to cut corners.
In a recent report, software-based point-of-sale systems (POS) were noted as the most frequently breached area across all of the industries involved (85%), because they represent the easiest method for criminals to obtain credit card data.
However, when a merchant implements a tokenization solution, it is one of the few ways to reduce the overall scope of the merchant’s PCI compliance audits.
Tokenization is the replacement of a data element (such as a credit card number) with another data element which serves as a reference to the original.
This process eliminates real credit card data so if someone tries to steal the credit card number, all they end up with is a non-actionable token that has no value.
The scope of a merchant’s PCI compliance audit can be significantly reduced since the sensitive data is no longer stored on the merchant’s POS systems, thereby reducing the cost associated with maintaining PCI compliance, as well as the risk of potential data breaches.
NB: This is a guest post by Merchant Link, providers of security and support for credit card transaction and payment systems. Follow on Twitter.