May 10 , 2012
New service to help web merchants with PCI-DSS compliance
TORONTO -- Tenzing Managed IT Services, a provider of hosting solutions for e-commerce clients, partners and Software-as-a-Service (SaaS) providers, has launched PCI Assure, a new service that simplifies Payment Card Industry – Data Security Standard (PCI-DSS) compliance for e-commerce vendors. The service enables online merchants to capture customer credit card information from any website page while shortening the PCI-DSS Compliance process, a security standard for organizations designed to increase controls around cardholder data to reduce credit card fraud.
The system works via a tokenization solution. When credit card information is put into Tenzing’s secure “data vault” a token is created to represent the real credit card. The token is then used by the merchant and can be stored freely on any computer system. According to the company, the token can’t be decrypted outside of PCI Assure so even if it ends up in the wrong hands, the number cannot be used to breach real credit card data.
“With highly publicized data breaches on the rise, companies need to take a closer look at credit card security and PCI-DSS compliance,” says Brian Shepard, founder and CEO of Tenzing. “Whether a retailer is new to e-commerce or simply concerned about their current PCI-DSS compliance status, handling this in-house exposes their organization to significant risk, and requires extensive time and human resources to manage.”
The customizable system uses iFrame technology which can be easily embedded into any web application. The PCI Assure iFrame only captures credit card and card verification value or code (CVV) fields, leaving the remainder of the fields on the merchant’s website. Tenzing’s iFrame is 100 percent Level 1 PCI compliant. Since a merchant’s website never sees customer credit card information, their compliance process can be reduced to completing a simplified SAQ Type A.
PCI Assure has already been integrated into major payment gateways, including Paypal Payflow Pro, Authorize.net, iPay and others.
“PCI Assure allows for total flexibility at checkout,” says Shepard. “Merchants know that the checkout process is where the biggest potential losses in conversion can occur, especially if users are redirected to other hosted payment page solutions. With PCI Assure, merchants benefit from fewer abandoned carts.”