This resource is no longer available
3 Tokenization Models for Choosing the right PCI-DSS Strategy
When securing credit card data, the imperative to be PCI DSS compliant remains a constant, while the actual solution implemented by merchants can vary depending on the size and nature of an organization. A solution for a small merchant with low transactions will differ from mid-sized retailers with a web presence, or a large merchant with POS & back-office payment infrastructure.
Securosis.com’s expert PCI-DSS analyst Adrian Lane, dissects the deployment models with pros and cons of on-prem versus outsourced models, proxy based tokenization, and format preserving encryption. Adrian covers base tokenization flows for newbies and reflects on detailed cost, pricing, & vendor lock-in concerns for deployments in progress. You will learn:
- 3 Core Models: Tokenize all infrastructure, modify point apps with API/SDK, Proxy-modify data in transit
- Patterns for tightly coupled payment & back office systems
- Tokenization as a Service- expense of token format migration
- Cost considerations to consider