What's Next After the EMV Migration? Tokenization

Email     |     Share  
1 | 2 | 3 | 4 | 5 | 6 | 7
Next Next

Harden Security with HSM-Enabled Tokenization

Encrypting data via the use of tokens is the first step in protecting critical business and consumer data. The second step is to create and store the cryptographic key that unlocks those tokens. Hardening security means creating a secure key via true random number generation, which relies on the anomalies in physics instead of the constraints of zeros and ones found in software code.

Storing a cryptographic key is just as important as creating it. Software solutions store keys in main memory, which means the system administrator, and anyone else with server access, has access to and the capability to create an extra key to access the data. Hardware-based tokenization instead offers strong security even in the most hostile environments. The module can detect when any attack is happening, in the form of drilling, heat, power blackout or chemical attack, and automatically delete the keys immediately.

As one of the last countries in the world, the U.S. will migrate to an EMV-based payments infrastructure on October 1, 2015. By then, Visa and MasterCard alone will have issued more than 550 million chip and pin cards. While migration to an EMV-based payments infrastructure is a significant step in securing payment data, it won't eradicate all risks.

Typically, payment data flows from the customer in the swipe of the payment card, via the merchant's point-of-sale terminal, to the acquirer and then onward to the card association for payment validation. When an EMV chip is embedded in a card, it helps ensure that the card being used is real and that it in fact belongs to the person using it, thereby drastically reducing the risk of stolen or counterfeit cards in comparison to traditional magnetic stripe cards.

These chip and pin cards are a vast improvement for preventing counterfeit use in comparison to traditional magnetic stripe cards. However, security controls still need to be put in place to protect cardholders' confidential information on payment cards not just at the moment the card is swiped or dipped, but all the way through the transaction process. To secure data in-transit, merchants are turning to tokenization.

In this slideshow, Malte Pollman, CEO of Utimaco, a leading manufacturer of hardware-based security solutions, looks at how merchants will need to take extra steps toward encryption and tokenization if they want to truly secure transactions.

 

Related Topics : Unisys, Stimulus Package, Security Breaches, Symantec, Electronic Surveillance

 
More Slideshows

Security117-190x128.jpg 5 Steps to Protect Executives from a Whale-Phishing Attack

Whaling is a type of spearphishing targeting "big fish" in an organization with access to sensitive, highly-valuable information. ...  More >>

Security116-190x128.jpg 5 Common Failures Companies Make Regarding Data Breaches

Five common failures companies make when preparing for, and responding to, a data breach, as well as guidance for companies on how they can tackle these issues. ...  More >>

Security115-290x195 Data-Centric Approach Starves Data-Hungry Cybercriminals

Incorporating security capabilities such as encryption, better control and management and a data security framework will help alleviate the burden breaches place on the organization and people's lives. ...  More >>

Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.