Looking at the state of payments security, the industry (and our economy in general) is ready for some structure and organization. There are several solutions out there for protecting credit card data – from encryption to EMV. Tokenization stands out as the solution that offers the most protection for merchants while offering straightforward implementation. How do we plan to prove that? Keep reading.
Since October 2013, we’ve positioned credit card tokenization as the best solution for merchants to protect sensitive credit card data. You could say that our content in totality makes up the business case that proves tokenization’s worth. In this article, our goal is to pull all the facts, figures and features into one place.
A business case is a document that’s intent is to systematically convince a decision maker to approve a business-related action. The document should be easy to understand, succinct, factual, and convey enthusiasm for the proposed solution.
The Current State of Credit Card Security
The current state of credit card security shows that way too many companies remain vulnerable to attacks from cybercriminals. While merchants intend to stay current with industry-standard security protocols (including PCI Compliance), they still struggle to keep up with hackers who develop and learn new tricks every day. Merchants, big and small, are constantly at risk.
Credit Card Tokenization – The Proposed Solution
Credit card tokenization is the process of removing sensitive credit card data from an organization’s environment, storing it in our secure environment, and replacing the card information with a token for future card-not-present processing. This solution helps protect your current and future revenue and your brand’s reputation.
The Financial Case for Tokenization
Credit card tokenization doesn’t only protect the data for future card-not-present transactions, but it can help your organization financially in other ways, including:
According to the Ponemon Institute Cost of Data Breach Study for 2013, the cost per record of a breach in the US reached $198. A fairly typical 3Delta customer keeps 100,000 cards on file. If this customer suffers a breach of their own cardholder data environment, the potential cost reaches almost $20 million. Correctly using an outsourced tokenization service such as CardVault eliminates the risk that you will suffer a breach of concentrated cardholder data. Thieves cannot steal what you don’t have.
Additionally, on-site storage of credit card information greatly increases your expenses because you have to maintain the cardholder data environment (CDE). This includes physical security, video and biometric logs of access to the CDE, encryption and maintenance of encryption keys, logging and review of logs. By outsourcing card storage you avoid these requirements, and your business can focus on its core operational duties.
Finally, 3Delta’s CardVault tokenization solution includes Level-3 through processing. Assuming you are accepting corporate purchase cards, Level-3 can reduce interchange fees by as much as 100 basis points, adding one percent to your top line revenue.
Conclusion and Supporting Material
At 3DSI, we have been providing tokenization to our customers since 2003 and there is no more knowledgeable or enthusiastic team at any payment services provider. We’ve gladly stated the problem, the solution and the financial justification for your business case. Use this and our other tokenization-related articles as resources for your needs, or simply contact us if you need more help.
Want an example of an organization that achieved success with credit card tokenization? Read our article/case study on United States Plastic Corporation.