Protecting Cardholder Data In The Enterprise Retail Market

Merchants are feeling increased pressure from credit card companies to comply with security regulations such as the Payment Card Industry (PCI) Data Security Standard (DSS) and Payment Applications Best Practices (PABP) and are being offered incentives to comply or facing harsh penalties for not complying. Lessons learned from recently compromised retailers such as TJX, parent to Marshalls and T.J. Maxx, Polo Ralph Lauren, and shoe retailer DSW, make it clear that retailers have to work harder to protect cardholder data.

In order to comply, merchants must secure their software applications to minimize data storage and heighten data transmission security protocols. So how do they do that?

This white paper outlines the two basic options retailers have to comply with these standards including:

1. Building and maintaining their own in-house payment systems
2. Deploying third-party solutions that are hosted in PCI DSS-compliant data centers and are PABP certified