Blog

Virtual Terminal

06 Dec
2018

PCI Scope Reduction Using Tokenization for Security Assessors

Yesterday, we presented a webinar that guides QSAs through the assessment of a tokenization implementation, from providing a general overview of tokenization to highlighting what to look for when evaluating specific PCI controls. If you weren’t able to join us, or if you’d like to download it to view again,

26 Nov
2018

Setting the Record Straight: Payment Tokenization vs. Data Security Tokenization

by Jacob Burcham EMVCo Payment Tokenization EMVCo is a consortium of major credit card brands dedicated to ensuring the interoperability and acceptance of secure payment card transactions. Europay, MasterCard, Visa, JCB, American Express, UnionPay and Discover work together to form standards and frameworks for the systems that support payment card transactions.

20 Nov
2018

The Importance of Protecting Cardholder Data During Black Friday and Cyber Monday

by Dillon Phillips The two biggest shopping days of the year – Black Friday and Cyber Monday – are almost here. These multibillion-dollar consumer spectacles kick off the holiday season for merchants and retailers, making this an extremely lucrative time for businesses and a valuable opportunity for them to evaluate their

15 Nov
2018

The Aftershock of GDPR (Part 2)

Tokenization + Security-as-a-Service John Noltensmeyer | Head of Global Privacy and Compliance Solutions, TokenEx Nancy Free | Chief Compliance and Data Privacy Officer In the last blog, we discussed the new GDPR standards, what they mean for organizations and individuals, and the ripple effect as other countries implement similar legislation. With so

13 Nov
2018

The Aftershock of GDPR

John Noltensmeyer | Head of Global Privacy and Compliance Solutions, TokenEx Nancy Free | Head of GRC and Corporate IT This year, information security professionals experienced a significant impact to the industry: The European Union’s (EU) General Data Protection Regulation (GDPR). Since its implementation on May 25th, the way companies around the globe

12 Nov
2018

Assessing a Tokenization Environment

When performing audits, QSAs are expected to evaluate an entity’s processes for adhering to the Payment Card Industry Data Security Standards (PCI DSS). This can be a cumbersome, time-consuming task, and it requires a deep knowledge and understanding of various types of compliance strategies. Often, businesses choose to meet PCI requirements

25 Oct
2018

5 Takeaways from PCI Europe Community Meeting

5 Takeaways from PCI Europe Community Meeting 1. QSAs underestimate the PCI DSS scope reduction provided by cloud-based tokenization. While familiar with tokenization as an on-premise solution or as a service provided by payment processors, many QSAs we spoke with during the PCI Europe Community Meeting were often unaware of