First Data and RSA, the security division of EMC, have joined forces to provide Secure Transaction Management, a new service that enables merchants to secure payment card data and remove it from their environment while allowing access when needed.
The companies said that the new service is powered by the RSA SafeProxy architecture, which employs a combination of tokenisation and improved encryption, to provide merchants with the capability to eliminate credit card data from their environments without loss of business functionality.
The companies claim that the new service is designed to reduce the cost of complying with the Payment Card Industry Data Security Standard (PCI DSS).
According to the companies, by using the new service, payment card data is encrypted at the time it is captured by the merchant’s existing point-of-sale application and remains encrypted until it is securely delivered to the First Data authorisation switch where decryption occurs.
In addition, once authorised through the switch, the card number is replaced by a ‘token’ value that cannot be linked back to the original card data. When needed, merchants can access the original card number through a secure vault that First Data maintains for controlled authorised look-ups.
Michael Capellas, chairman and CEO of First Data, said: The simplicity of integrating encryption with tokenisation through the First Data Secure Transaction Management service dramatically redefines how merchants of all kinds manage and protect their customer payment data.