The majority of merchants interviewed by Gartner cited credit card data storage as the single greatest challenge in achieving and maintaining PCI DSS Compliance. Additionally, as a number of recent breaches have demonstrated, even merchants that spend significant amounts of time and money on compliance and security are getting compromised.
Our solutions entirely eliminate the handling, processing and storage of credit card information from ever entering a merchant environment. Without the credit card information passing through or being stored in internally, PCI scope is greatly reduced and security is increased as there is no sensitive data present to be stolen.
By using our Vault, merchants can remotely store credit card data and receive a token in return to initiate future transactions. Tokens can be up to 32 alphanumeric characters and can be determined by the merchant to match internal numbering schemes or randomly generated.
Tokens can include all relevant customer information including shipping and billing address, any product related details, and nearly any other details. Additionally, merchants can store Social Security and Drivers License numbers and other sensitive data.
By eliminating the presence of any credit card information in a merchant environment, PCI scope can be reduced by as much as 90% and only being required to meet roughly 20 of the 200+ individual controls.
Merchants can choose to access all remotely stored information for reporting and reconciliation purposes via our Control Panel or the API. Using the control panel, administrators can manage an extensive set of user permissions to control which users have access to the remotely stored credit card information. Users permissions also include the ability control sales, credits and refunds.
New to processing?
Merchant Account Quick Guides
PCI Compliance Quick Guides
Developer Resources
© 2010 Braintree Payment Solutions. All rights reserved. Braintree is a registered ISO/MSP of Wells Fargo Bank, N.A., Walnut Creek, CA
