Security & Compliance

Cardholder security is our first priority at First Data. We continually invest in tools and technologies to protect our clients' data and their customers throughout the payment transaction cycle like the latest in encryption and tokenization. Whether it is the initial card swipe at a terminal, an eCommerce transaction, payment authorization and settlement, you can count on First Data to provide you a range of security measures to protect you from the damage of a security breach while helping you meet PCI compliance standards.

In this suite

First Data® TransArmor® Solution

Solution to protect merchants and consumers from the risks of transmitting and storing payment card data.

The First Data® TransArmor® solution is powerful payment card security that combines the flexibility of software- or hardware-based encryption with random-number tokenization technology.  The TransArmor solution protects payment card data and prevents it from entering the merchant environment, so your systems never hold the actual card numbers from the transactions you process.

The TransArmor solution removes the need for merchants to store card data by replacing it with a randomly assigned number, called a 'token'. In doing so, TransArmor minimizes risk by reducing the scope of PCI compliance, shifts the burden of protecting cardholder data to First Data, and allows the 'token' to be used for other business and sales functions such as returns, sales reports, and analysis.

This advanced security technology addresses merchant concerns over card data protection, card data storage and the rising cost and complexity of PCI compliance.

First Data Advantages

With the TransArmor solution, payment card data is protected at every transaction stage - in transit, in use and at rest. You retain access to the token number for business and marketing purposes. And because the TransArmor solution maintains the primary account number (PAN) data in a First Data "vault," it reduces the scope and cost of PCI compliance.

The TransArmor solution meets the PCI Security Standards Council guidelines for encryption and tokenization, and First Data agrees with their assessment of EMV adding an additional layer of security to those solutions.

Key components

  • Offers multiple encryption options–Payment card data is secured at the merchant POS – prior to transmission – using either software- or hardware-based encryption and is protected throughout the entire transaction.
  • Addresses root cause of data security issues–Tokenization technology helps ensure that payment card data never enters the merchant environment by replacing it with a random-number token, which has no value outside of the merchant environment.
  • Reduces PCI compliance scope, effort and cost–Removing payment card data from merchant systems also removes it from PCI scope, minimizing the time and resources needed to meet PCI requirements.
    • Can reduce the scope of annual PCI audits by as much as 80%
    • Can reduce the time PCI compliance requires by as much as 50%
  • Preserves a unique card-based ID–Token numbers can be used in place of the original card number for business functions without risk of storing card data or breaking processes
  • Easily implemented and maintained–No additional hardware, changes to back-end systems or employee training is typically required.
  • Access to data–First Data retains access to the secure data and translates card numbers to randomly assigned token values when needed for customer interactions such as adjustments, retrievals, recurring payments and chargebacks
  • Warranty–Because the processor is now securing and storing the card data, First Data offers a limited warranty to protect the merchant if the token is stolen.

 

Products & Services