Seminar 01P - How Tokenization and Point-to-Point Encryption Can Reduce Your School's PCI Scope (or Not)

Tuesday, May 15, 2012 | 2:00PM–5:30PM | White River Ballroom A
Session Type: Professional Development
Two emerging technologies have the potential to reduce campus merchants' PCI scope while also reducing the risk of a damaging data breach: tokenization, the process whereby payment card data are replaced by surrogate values or tokens, and point-to-point encryption (P2PE), which potentially can reduce your PCI scope to the card reader, thereby removing your payment applications and databases from PCI scope. Neither technology is a silver bullet that makes PCI go away. Learn how these technologies work and how they address different requirements; what the PCI Council's implementation guidance says and doesn't say; how each can also increase your security; and some real-world implementation best practices so your institution can realize the scope reduction and cost savings you expected (and your vendor promised).We also will discuss changes in PCI DSS version 2.0 that can impact how your campus validates your PCI compliance.

Presenters

  • Walt Conway

    QSA, 403 Labs, LLC

Resources & Downloads