Voltage Targets PCI With Tokenization Debut
Send to Kindle
Voltage Security debuted a tokenization solution aimed at growing concerns around PCI DSS. The launch will give partners a crack at mature and saturated data protection and GRC markets.
Voltage Security is edging into compliance markets with a new solution aimed at allaying Payment Card Industry Data Security Standard (PCI DSS) audit woes.
The Voltage Secure Stateless Tokenization technology bolsters security mechanisms around payment card data, alleviating challenges around PCI DSS compliance for enterprises. The solution could give partners a bit of leg up when attempting to break ground in governance, risk and compliance (GRC) markets. Tokenization replaces credit card and other critical data with non-sensitive substitute values and is one of the data protection solutions recommended by PCI DSS auditors.
It's a departure for the Cupertino, Calif., data protection and encryption firm. As a differentiator, Voltage’s tokenization technology eliminates reliance on a token database, which reduces the number of applications and systems considered “in-scope” for compliance assessments. That reduces risk around storing sensitive cardholder data, which decreases PCI DSS compliance costs and frees up IT budgets. Partners have the means to leverage an ROI angle when breaking into GRC markets or expanding compliance prowess.
Voltage says its solution provides 100 percent data consistency and scales linearly, enabling processors to generate hundreds of millions of tokens representing card numbers for internal use or as channel services to merchants.
As additional channel selling points, the SST technology features no software requirements, works with virtually all languages and platforms, integrates into existing IT environments and can meet stiff high-availability requirements demanded by payment processors and carriers.
The solution is part of the overarching Voltage SecureData Enterprise data security platform that incorporates encryption, tokenization, data masking and key management, combined to protect sensitive corporate data from cyberattacks and intrusions. The solution targets industries such as financial, retail and airlines -- those under pressure to adhere to rigorous PCI DSS audits.
For the channel, this means the ability to leverage the technology as a value-add to a more comprehensive data protection solution set, which can carve paths into high-end verticals and other GRC markets.
Data protection, in general, will be a reliable channel bet. A TechNavio report forecasts the data protection market will experience a 10.2 percent CAGR between 2010 and 2014, driven by the dearth of evolving and stringent compliance regulations. Some of this growth will be driven by technology that includes tokenization, which analyst firm Aberdeen says is slowly gaining traction as a viable data protection niche -- especially when addressing growing demands around PCI DSS.
The net-net: The channel will have a new data protection toy to offer enterprise customers in 2013 -- a yet unsaturated market alternative that could garner premium margins in the not-too-distant future.