Overview

CardSecure® is a data encryption and tokenization solution that transfers incoming credit card data to a secure vault, encrypts it, and assigns it a token. The token, not the sensitive card data, is stored on your system, allowing the data to remain securely outside your Enterprise resource planning (ERP) application. 

Why CardSecure?

When you hear about data breaches affecting large well-known companies in the news, you realize the importance for a solution that protects your customers' data, your ability to stay PCI compliant, and your reputation. 

CardSecure provides:

  • Protection
    CardSecure’s best-in-class tokenization technology and off-site vault keeps your customers’ information private and out of your system. If a breach ever does happen, the data stolen will be useless.
  • Security
    Sensitive card data never resides in your system because all encryption and storage takes place outside of it.
  • PCI Scope Reduction
    CardConnect’s P2PE solution takes a business network and POS system completely out of PCI scope, which greatly reduces:
    • The cost of an annual audit
    • The possibility of the business falling victim to a breach
    • The size of the PCI questionnaire (from 300 questions to a mere dozen!) This greatly reduces the scope of your PCI compliance program since encryption meets PCI assessment targets for card data as well as state regulations for personal information.
P2PE Diagram

What does CardSecure include?

  • Point-to-Point Encryption (P2PE)
    Upon swipe or card data input, the sensitive data is instantly encrypted. Your customer's credit card number will never be stored in your system and your customer’s data remains safe.
  • Irreversible and Patented Tokenization
    Our unique tokenization process is mathematically irreversible, offering your customers total protection from identity theft.
  • Intelligent Tokens
    CardConnect tokens comply with data integrity checks such as the Luhn test and those performed by various ERP systems.
  • CardConnect Vault
    All encrypted card numbers are stored in our 100% PCI-compliant, cloud environment.
  • Full Key Management
    CardSecure provides tools for the generation of Data Encrypting Keys, that can be managed using the application.
  • Token Rollover
    The system can “Rollover” encrypted data from an older Data Encrypting Key to a new one to avoid disruptions when a new key is used.
  • Support for All Data Type
    Supports storing any data type, including any Personally Identifiable Information (PII). We support Birth Date, Account Numbers, Social Security Number, and any other data through custom types.
  • Security for All Payment Types
    Whether receiving transactions from the web, a call center, or a POS terminal, all data is encrypted and tokenized by CardSecure to ensure the highest security.

What if I already have sensitive data stored in my system?

We can help you securely migrate your legacy data into CardSecure. Our Bulk Uploader and other Data Conversion tools will migrate and convert your sensitive data into secure tokens and store them in our secure vault.

Related Content