Protegrity Announces Vaultless Tokenization for Payments Industry

Proven Data Security Solution Now Enables Payment Processors and Payment Gateways to Cost-Effectively Scale Tokenization Across Their Entire Merchant Base


STAMFORD, CT--(Marketwire - May 23, 2012) - Protegrity, a leading provider of end-to-end data security solutions, today announced Protegrity Vaultless Tokenization for the Payments Industry, the first and only offering that enables processors and gateways to cost-effectively provide tokenization services across their entire client base. Protegrity now supports the largest companies in the payments industry with a lightweight tokenization solution that can scale to thousands of merchants, quickly, without the cost and complexity of backend database infrastructure. By replacing sensitive credit card information with randomly-generated tokens that do not require storage in a token vault, Protegrity removes primary account number (PAN) data from the payment environment, thereby facilitating PCI compliance and minimizing risk.

Traditional tokenization solutions were not designed to support thousands of distinct clients, a critical requirement for distributed payment networks. As a result, companies relied on expensive, complex replication and central database technologies to create a new vault for every merchant requesting tokenization. Not only is that approach cost-prohibitive to scale across the breadth of merchants and sales channels that processors and gateways serve, but it also introduces added risk of a token vault breach. Already proven as the leading Vaultless Tokenization solution for large, multi-site retailers, Protegrity is now the first solution to bring a high volume, high-speed multi-vendor tokenization solution to processors and gateways.

"Today's tokenization has failed the payments industry, requiring companies to create homegrown solutions or turn to limited vendor offerings that stifle their ability to effectively secure massive amounts of data across their full client base," said Suni Munshani, CEO of Protegrity. "With this announcement, Protegrity enables processors and gateways to remove their customers' financial, operational and security burden of dealing with toxic PAN data, while scaling across thousands of merchants. Our experience with large, multi-site retail brands, along with our scalable Vaultless Tokenization architecture, positions Protegrity to be the tokenization solution of choice throughout the industry."

About Protegrity Vaultless Tokenization for Payments Industry
Protegrity Vaultless Tokenization resolves the challenges associated with standard vault-based tokenization, such as: performance and scalability bottlenecks caused by latency, data collisions, and the need to store sensitive data and tokens in a token server. By eliminating the need for a token vault or database -- and therefore the storage of sensitive data and tokens -- Protegrity removes PAN from the authorization and settlement processes and delivers superior efficiencies, security and performance. It is easy to deploy with commodity hardware and enables centralized control over policy, key management and reporting.

Combined with its patent-pending architecture, Protegrity's new product features are uniquely designed to support the payments industry.

  • Multi-Merchant Tokenization: Protegrity Vaultless Tokenization enables processors and gateways to support limitless numbers of merchants. It is now possible to generate unique tokenized results of the same input data (e.g. credit card number) for each merchant -- irrespective of whether the merchant has multiple locations.
  • Token Transparency: Protegrity Vaultless Tokenization provides an unlimited number of token formats to account for differences in how merchants handle tokens. This token transparency ensures that merchants do not have to change their systems when they receive tokens.
  • Token Distinguishability: To support PCI DSS Tokenization Guidelines issued August 2011, Protegrity Vaultless Tokenization ensures that an actual credit card number can be distinguished from the tokenized credit card value in order to "validate the scope of the CDE [cardholder data environment] as part of their annual PCI DSS review."
  • End-to-End Data Protection: Protegrity's Vaultless Tokenization has the ability to provide end-to-end protection from the store to the payment processor or gateway, for data at rest or in transit. This allows the processor or gateway to deliver secure credit card processing to their merchants that is cost-effective and scalable.

Protegrity Vaultless Tokenization for the Payments Industry is available immediately. Contact info@protegrity.com or visit the Protegrity website for more information.

About Protegrity
Headquartered in Stamford, Conn., Protegrity provides high performance, infinitely scalable, end-to-end data security solutions that protect sensitive information across the enterprise from the point of acquisition to deletion. The company's award-winning software products span a variety of data protection methods, including end-to-end encryption, vaultless tokenization, masking, and monitoring and are backed by several important data protection technology patents. Currently, more than 200 enterprise customers worldwide rely on Protegrity's comprehensive data security solutions to enable compliance for PCI DSS, HIPAA and other data protection mandates while protecting sensitive data, brand, and business reputation. For more information, please visit http://www.protegrity.com.

Contact Information:

Media Contact:
Maria Bradley
Kickstart Consulting for Protegrity
(415) 509-0498
mbradley@kickstartconsulting.com