Let’s face it, storing customer credit and debit card numbers exposes issuers to potential data breaches. By replacing sensitive card data with non-transactional tokens the institution can retain the essential data, while enhancing security. This can help your institution:
Avoid the Costs of Security Breaches – Buyer Beware! No one can entirely safeguard your institution from security breaches. However, tokenization can at least help reduce the consequences of a breach, such as:
- Loss of existing customers
- Decline in new acquisitions
- Disputed transactions
- Card replacement
- Increased labor to field customer inquiries
- Legal fees
- Credit counseling for affected customers
- Promotional campaigns to rebuild trust
Limit Your Exposure to Malicious Attacks – According to the recent “3rd Annual Underground Hacker Markets Report,” by SecureWorks, rates for data from premium credit cards ranged from $30 to $80 on the black market. Eliminating the PAN reduces the value/demand for your data which in turn reduces malicious attacks. Whether a breach is caused by human error, system glitch or malicious attack the ability to use a token to transact reduces the risk exposure after a breach.
Reduce the Complexity of PCI Compliance – Replacing your card-holders’ primary account number (PAN) with non-transactional tokens in reports and files eliminates storing live account numbers in non-secure environments and therefore reduces PCI DSS compliance scope. (Payment Card Industry Data Security Standard applies to companies of any size that accept credit card payments. If your company intends to accept card payment, and store, process and transmit cardholder data, you need to host your data securely with a PCI compliant hosting provider).
The reality is that hackers are determined to do whatever it takes to attack our financial institutions and victimize you and your cardholders.
But know there are also teams on the front lines and in the trenches, including some very talented security experts here at First Data, just as determined to better prepare your institution for these assaults.
INTERESTED IN TOKENIZATION? Want to learn how you can add the latest tokenization tools and fraud management solutions? Request a free briefing with one of our Security & Fraud Management Solutions Specialists.