First Data Corporation has announced it has expanded the merchant pilot of the its TransArmor data security solution to more than 400 U.S. merchants. FDC's TransArmor solution was developed in partnership with EMC Corporation and "addresses the root cause of merchant data security issues by removing payment card data from the merchant environment as part of processing the transaction, significantly reducing risk and the scope of PCI compliance efforts."
The solution leverages the RSA SafeProxy™ architecture, a powerful combination of asymmetric encryption, tokenization and key management engineered to provide the benefit of end-to-end protection and eliminate on-site cardholder data storage for merchants. Unique features of the token make it possible for merchants to continue to handle key business functions such as returns, recurring billing, loyalty programs and other analysis, without enabling card data to be used for fraudulent transactions.
On Feb. 26, 2010, the TransArmor solution tokenized the very first commercial transaction over the STAR® Network at the Center of Science & Industry (COSI) in Columbus, Ohio. A First Data company, STAR is one of the nation’s leading electronic funds transfer (EFT) networks with more than two million retail and ATM locations.
Unlike some solutions in the marketplace, the TransArmor solution can be implemented without the need for new hardware or back-end IT operations. The solution works with First Data as well as other terminals or point-of-sale systems and can be consistently applied across brick-and-click environments.
“The response from merchants interested in participating in this trial has been enormous and a testament to the sought-after service TransArmor delivers,” said Craig Tieken, vice president of Merchant Product Management at First Data. “Up until now, there have been few easy and cost-effective solutions to the growing problem of managing the risks of handling sensitive payment card data. TransArmor represents a fundamental change in how merchants can confidently protect and manage cardholder data.”
The consequences of a merchant data compromise in legal, financial, consumer confidence and brand loyalty terms can be overwhelming. According to the 2009 U.S. Cost of a Data Breach Study by the Ponemon Institute, the average cost for merchants coping with a data breach in 2009 rose to $6.7 million with the cost per customer record breached estimated at $204. With the TransArmor solution, customer card information is retained only at the processor and protects merchants from the dangers of malicious attacks designed to steal payment card data in transit or in storage from merchant databases.
“Implementing effective data security can’t mean more complexity for businesses,” said Brian Fitzgerald, vice president, Marketing, RSA, The Security Division of EMC. “TransArmor successfully embeds industry-leading security technology into the payment processing infrastructure to make it available to, and more importantly, usable, by merchants of all sizes. TransArmor is an example of the type of partnerships required from industry leaders that will reduce the reliance on point solutions and enable an industry ecosystem with pervasive built-in security.”
Teams from RSA and EMC Consulting worked collaboratively with First Data through product strategy development and technology proof of concept for a successful pilot and product launch.