Category: PCI DSS Requirement 3
Protect stored cardholder data.
PCI DSS Requirement 3 relates to the fact that any type of sensitive data may be protected utilizing mechanisms such as encryption, one-way encryption (or hashing), truncation and masking. These are core mechanisms for protecting sensitive cardholder data from being compromised. Protection utilizing these mechanisms is often the centre of the security onion or last resort of protection should a malicious individual or hacker breach all of the higher layers of security controls. It should be noted that strong, industry-accepted encryption mechanisms with associated strong key management must be implemented for the protection to be effective. The typical analogy for bad encryption with poor key management would be for a person lock their front door to secure their home but leave the key in the lock.
Safenet
SafeNet Tokenization Manager receives the cardholder data right after its initial entry point, encrypts it, stores it in the Token…
- Location
- 4690 Millennium DriveBelcamp, MD 21017
- Views
- 419
Thales
Products and services from Thales e-Security can help you implement effective, high assurance tokenization solutions to protect customer information, reduce…
- Location
- 900 South Pine Island Road, Suite 710Plantation, Florida, 33324
- Views
- 390
Gemalto
Gemalto Payment HSM supports cloud tokenization requirements for secure mobile payment transactions and digitization of credit card credentials
- Location
- Ge?malto6, rue de la Verrerie - CS20001 92197 Meudon Cedex France
- Views
- 516
Futurex
Organizations of all industries are responsible for storing a vast amount of sensitive data. By implementing the tokenization technology within…
- Location
- 864 Old Boerne Road , Bulverde, Texas 78163 USA
- Views
- 366
Voltage
Voltage Secure Stateless Tokenization represents a paradigm shift in tokenization. It provides service at a higher performance and with greater…
HP
HPE Security? Data Security delivers the SST Solution running on HPE NonStop servers, the platform of choice for payments processing…
PGP
As of June 2010, PGP Corp was acquired by Symantec. Now PGP is available only from Symantec. Pretty Good Privacy…
DESlock
DESlock+ is a simple-to-use encryption application for companies large and small. Take advantage of the optimized setup that speeds up…
- Location
- DESlock Limited3 Heron Gate Office Park Hankridge Way Taunton UK TA1 2LR
- Views
- 352
Endpoint Protector
As a full Data Loss Prevention (DLP) and Mobile Device Management (MDM) product available for Windows, Mac OS X and…
- Location
- Endpoint Protector GmbHGebhardstr. 7 D-88046 Friedrichshafen, Germany
- Views
- 344
Vormetric
The Vormetric Data Security Platform provides data protection products to secure and control enterprise data at rest. Vormetric (@Vormetric) is…
- Location
- 2545 N. 1st Street, San Jose, CA 95131United States
- Views
- 431