The PCI DSS is issued by the PCI Standards Security Council, comprising AmEx, Discover, JCB, MasterCard, and Visa, and sets requirements for merchants or companies involved with storing, processing, or transmitting customer payment data, such as credit card information.
Pleasanton, California-based Trapeze said the service with Renaissance will provide supplementary security capabilities on an affordable monthly basis, enabling retailers to avoid the major costs of replacing legacy equipment such as portable data terminals that do not meet the latest PCI security standard.
Trapeze said US retailers face a difficult challenge because they have made substantial investments in legacy wireless devices that rely on the Wired Equivalent Privacy (WEP) standard to protect customer data over wireless networks. It said the problem is that WEP has been shown to present a number of vulnerabilities. The PCI DSS requires that WEP-protected networks either be upgraded or supplemented with additional security, it said. For a vast number of retailers, upgrading this legacy equipment would be entirely cost-prohibitive.
The partnership with Renaissance is designed to address this issue. The managed service from Trapeze and Renaissance uniquely solves this problem by implementing an active security beacon in the retail facility and remotely monitoring it to detect and neutralize any potential threats to data or network security, said the WLAN vendor. To do this, it deploys technology from wireless intrusion detection/prevention system vendor AirDefense, provided in the form of a lease-to-own contract.
Strong data security is a critical requirement for today’s retailers who handle sensitive customer payment data, said Trapeze CEO Jim Vogt. Along with our partner Renaissance, our joint solution will enable retailers to protect the value of their investment in legacy wireless infrastructure while cost effectively meeting the high security standards set down by the Payment Card Industry.
Our View
The message here is investment protection. If you’re a retailer who has deployed WEP and now finds it isn’t fit for purpose when it comes to complying with PCI DSS, Trapeze and Renaissance offer you a service based on the AirDefense WIDS/WIPS technology, enabling you to comply without having to rip and replace your existing infrastructure. The deal with Renaissance is specific to the US, which is also the first market where PCI DSS is actually biting, but the requirements are also being introduced across Europe, so will Trapeze announce something similar for other geographies?
