The everyday consumer assumes that when they make a purchase, either online or in the checkout-line, their card data is handed off to a trusted source with proper security in place. They don’t see the complicated ecosystem that exists to process that transaction, nor fully understand the retail data security mechanisms that make up the foundation for protecting customer data.
The retail ecosystem is complex. One compliance standard doesn't cover all vulnerabilities points. In order to offset the chance of a breach, it is critical for retailers to understand the vulnerability points, and establish a plan of action to mitigate the risks.
64% of consumers are unlikely to do business again with a company that experiences a breach in which financial information is stolen.
With the help of Gemalto's SafeNet Identity and Data Protection solutions, retailers can successfully protect customer data obtained from transactions and other operations and dramatically reduce the cost and complexity associated with regulatory compliance.
For retailers, the most significant compliance mandate is the Payment Card Industry Data Security Standard—outlining a set of 12 that covers secure networks, the protection of cardholder data, the implementation of a vulnerability management program, guidelines for stronger access controls, and the establishment of an information security policy.
Beyond cardholder data, retailers need to protect all sensitive data wherever it exists, and limit access to this data. Utilizing encryption and/or tokenization is the most effective way to secure data, even when a breach has occurred.
Security needs to include the point-of-sale or point-of-interaction terminals, and the payment application software. These devices are more connected than ever before, and even more appealing target for an attacker. For this reason, code signing is used to issue unique identities, and securely push software updates to the devices in the field.
Point-to-Point Encryption encrypts card data from the earliest possible moment of its capture, and ensures that data remains in a consistent encrypted state until it arrives at the payment gateway. This approach is the cleanest approach to transaction protection.
eCommerce poses even different, but equally challenging issues, compared to the traditional retail environment. By creating an encrypted tunnel, through a secure socket layer (SSL), retailers are able to protect their online customers’ data from the earliest possible moment—establishing a secure, encrypted communication session to allow private information to be transmitted across open networks such as the Internet.
Encrypting the high speed communication networks set-up between the store sites datacenter is a critical next step for securing the infrastructure and protecting customer data, cardholder data, and overall company information.
In developing the Solve DataShield offering, it was vital that we effectively comply with all the relevant PCI P2PE standards, including robust key management policies. Gemalto SafeNet Luna EFT HSMs delivered all the security capabilities that were required, while providing a platform that we could deploy quickly and manage efficiently.
- Nick Stacey, Dir. of Business & Market Operations at The Logic Group
Gemalto recently conducted a global survey of consumers to assess how they perceive organizations that are the victim of data breaches. The findings, as outlined in the infographic below, sh
Trust is essential in building relationships, and for organizations that hold vast quantities of customer
data, this is especially the case.
This report presents the key findings f
For retailers, financial institutions, payment processors, and a range of other organizations that store or
access payment card information, and the service providers that enable their b
Virtualization has brought enormous benefits to hundreds of thousands of businesses across the globe. However, the move to these systems has also posed significant implications for securi
In 2015, data breaches got much more personal than in previous years. While cybercriminals made headlines stealing credit card data and financial information in 2013 and 2014, the theft o
Payment Card Industry Point-to-Point Encryption (P2PE)
standards provide detailed guidelines for building payment
processing solutions that safeguard payment data at all times.
Gemalto’s SafeNet Payment HSM integrates with Visa Data Secure Platform (DSP) in both of the DSP operation modes to ensure the integrity of the encryption used to securely transmit customer
Thank you for your interest in our products. Please fill out and submit the form to receive more information about Gemalto
or to be contacted by a Gemalto specialist.
By submitting this form I agree to receive information from Gemalto and its affiliates as described in our Privacy statement.