Quick Links
Advertise with Sarbanes Oxley Compliance Journal
News


< Back

Sarbanes Oxley : Data Governance : Security

Stem the Onslaught of System Wide Attacks

November 5, 2014 12:00 PM


Mark Bower
Vice President of Product Management
Voltage Security

“By introducing this service, American Express confirms that contemporary data-centric security approaches are necessary to stem the onslaught of system-wide attacks that traditional payment card data defenses cannot sustain on their own, said Mark Bower, Vice President of Product Management, Voltage Security.  
 
Payment Tokenization provides a granular defense to reduce the exposure of live credit and debit card data in vulnerable systems. With Payment Tokenization approaches like this, innovative mobile wallet-based payments can enable new ways for consumers to pay with the benefit of reduced breach risk. After a consumer’s card  and mobile wallet are registered for Payment Tokens from the service, instead of live data being presented at the checkout, the smartphone acts like a virtual credit card by emitting a Payment Token instead of physical card data to the card reader. The merchant POS and IT never see live data during this type of transaction.
 
Also, the range of transactions possible with a Payment Token might be further restricted by business rules to avoid the Payment Token itself being stolen or abused.  Upstream from the merchant, the back-end Payment Tokenization Service recovers the card and completes the transaction, if  the Token Service rules allow.
 
However, while the US is finally shifting away from vulnerable magnetic stripe cards to EMV cards and secure mobile payments like this, all three payment methods will be around a long time. Data security strategies must therefore cover risks across all of them. Contemporary tokenization and point-to-point encryption provide a formidable combination to neutralize malicious attacks to payment streams across the spectrum of mobile, EMV, traditional brick and mortar, and e-commerce payment flows.”

About Voltage

Voltage Security, Inc. is the world leader in data-centric encryption and tokenization. Voltage provides trusted data security that scales to deliver cost-effective PCI compliance, scope reduction and secure analytics. Voltage solutions are used by leading enterprises worldwide, reducing risk and protecting brand while enabling business.








About Us Editorial

© 2015 Simplex Knowledge Company. All Rights Reserved.   |   TERMS OF USE  |   PRIVACY POLICY