Credit Card Data Protection

One of the most important features of the Payment Card Industry Data Security Standard (PCI DSS) is the mandate for credit card data protection. Specifically, the third requirement says that you must “Protect stored cardholder data,” and the fourth says that you must “Encrypt transmission of cardholder data across open, public networks.”

Recently, there has been a number of high profile security breaches that have cost companies millions of dollars in fines, remediations, and any number of law suits. Examples like these should remind us that it is imperative to install and maintain strong credit card data protection measures.

At Braintree Payment Solutions we store your sensitive data on our Level 1 PCI compliant environment so you’ll always know that your important information is as secure as it can be.

PCI Compliance Solutions

If your company stores, transmits, or otherwise processes credit card data, it is required to be PCI compliant. There are 12 separate requirements with more than 200 individual security controls that need to be addressed.

At Braintree we address the two crucial components of credit card data protection with:

  • Remote Storage: Moving your sensitive cardholder data from an unsecured internal system to an outside, highly secure system is one of the best ways to protect your business from intrusion.
  • Transparent Redirect: Our solution is completely invisible to your customers, which means they can conveniently make a purchase on your website without ever leaving the URL. It is simple for them and safe for you because you never have to store any data on your own system.
  • Credit Card Data Protection By Encryption: Should anyone happen to get by all the other security measures protecting your data, the only thing they should find is garbled information. Encryption is critical for credit card data protection because without the right cryptographic keys criminals cannot, in any way, use or even read the information they accessed.

At Braintree, our Vault technology remotely stores sensitive information and issues a unique customer ID in the form of a token. These tokens are useless to criminals and allow you to perform subsequent transactions quickly and efficiently.

Contact Us

If you have any questions about protecting credit card data, or would like to get begin the process of reaching PCI compliance, contact Braintree today.

Resources


New to processing?

Merchant Account Quick Guides

PCI Compliance Quick Guides

Developer Resources
 
Braintree mark

Braintree

Site Links

Resources

 

© 2010 Braintree Payment Solutions. All rights reserved. Braintree is a registered ISO/MSP of Wells Fargo Bank, N.A., Walnut Creek, CA