Credit card
Image via Wikipedia

Eight Ways to Reduce PCI DSS Audit Scope by Tokenizing Cardholder Data

Merchants are constantly seeking ways to simplify and reduce the scope of the Payment Card Industry’s Data Security Standard (PCI DSS) compliance by shrinking the footprint where cardholder data is located throughout their organization.

By reducing the scope, these Merchants can dramatically lower the cost and anxiety of PCI DSS compliance and significantly increase the chance of compliance be that an audit or a Self Assessment Questionnaire (SAQ).

The White Paper “Eight Ways to Reduce PCI DSS Audit Scope by Tokenizing Cardholder Data” explores the use of tokenization as a best practice in improving the security of credit card transactions, while at the same time minimising the cost and complexity of PCI DSS compliance by reducing audit scope.

The 8 Ways are

  1. Centralized data vault
  2. Tokens as data surrogates
  3. Tokens as surrogates for masked data
  4. No mathematical relationship between tokens and data values
  5. One-to-one or one-to-many token/data relationships
  6. Format Preserving Tokenization™
  7. Centralized key management
  8. Tokenization as a Service™ (TaaS)

For the full description of the 8 methods simply download the white paper here

Registration is required, some personal email accounts do not work e.g. Hotmail and Gmail. If you are having a problem please leave a comment and I will try to email the paper directly to you.

Also see a Free eBook  “Tokenization for Dummies” here.

.

Advertisements