3 Core PCI-DSS Tokenization Models- Choosing the right PCI-DSS Strategy

Presented by

Adrian Lane, Analyst-CTO Securosis, Blake Dournaee, Intel

About this talk

When securing credit card data, the imperative to be PCI DSS compliant remains a constant, while the actual solution implemented by merchants can vary depending on the size and nature of an organization. A solution for a small merchant with low transactions will differ from mid-sized retailers with a web presence…from a large merchant with POS & back-office payment infrastructure. Securosis.com’s expert PCI-DSS analyst Adrian Lane, dissects the deployment models with pros and cons of: on-prem vs outsourced models, proxy based tokenization, and format preserving encryption. Adrian covers base tokenization flows for newbies and reflects on detailed cost, pricing, & vendor lock-in concerns for deployments in progress. You will learn: •3 Core Models: Tokenize all infrastructure, modify point apps with API/SDK, Proxy-modify data in transit •Patterns for tightly coupled payment & back office systems •Tokenization as a Service- expense of token format migration •Cost considerations to consider

Related topics:

More from this channel

Upcoming talks (1)
On-demand talks (1370)
Subscribers (42911)
Increasing expectations for good data governance, effective risk management and complex demands for legislative and regulatory compliance are presenting a growing challenge for organizations of all sizes. Tune in to live and recorded presentations by respected luminaries in the fields of governance, risk and compliance for insights on how to implement successful GRC strategies and processes for your organization.