Tenzing Launches PCI Assure to Simplify Credit Card Data Security Compliance
New service provides web merchants with fast, easy and cost effective PCI-DSS Compliance
TORONTO – April 25, 2012
Tenzing Managed IT Services (Tenzing), a leading provider of hosting solutions for Ecommerce System Integrators (SIs) and Software-as-a-Service (SaaS) providers, today launched PCI Assure, a new service that simplifies Payment Card Industry – Data Security Standard (PCI-DSS) compliance for ecommerce vendors. Tenzing’s PCI Assure enables online merchants to capture customer credit card information from any website page while greatly shortening the PCI-DSS Compliance process to a few easy steps.
PCI-DSS is a security standard for organizations that handle cardholder information for major debit, credit, prepaid, ATM and Point of Sale cards. The standard was defined by the Payment Card Industry Security Standards Council and created to increase controls around cardholder data to reduce credit card fraud. Validation of compliance is done annually by an external Qualified Security Assessor (QSA) for organizations handling large volumes of transactions or by Self-Assessment Questionnaire (SAQ) for companies handling smaller volumes.
The heart of the PCI Assure system is a unique tokenization solution. The “data vault” allows Tenzing to securely store credit card information. When credit card information is put into Tenzing’s data vault, a token is created to represent the real credit card. The token is then used by the merchant and can be stored freely on any computer system. The token can never be decrypted outside of PCI Assure so even if it ends up in the wrong hands, the number cannot be used to breach real credit card data.
“With highly publicized data breaches on the rise, companies need to take a closer look at credit card security and PCI-DSS compliance,” says Brian Shepard, Founder and CEO of Tenzing. “Whether a retailer is new to ecommerce or simply concerned about their current PCI-DSS compliance status, handling this in-house exposes their organization to significant risk, and requires extensive time and human resources to manage.”
Tenzing’s PCI Assure uses IFRAME technology that can be easily embedded into any web application. The PCI Assure IFRAME only captures credit card and card verification value or code (CVV) fields, leaving the remainder of the fields on the merchant’s website. Tenzing’s IFRAME is secure and 100 per cent Level 1 PCI compliant. Since a merchant’s website never sees customer credit card information, their compliance process can be reduced to completing a simplified SAQ Type A.
PCI Assure has already been integrated into major payment gateways, including Paypal Payflow Pro, Authorize.net, iPay and others.
“PCI Assure allows for total flexibility at checkout,” adds Shepard. “Merchants know that the checkout process is where the biggest potential losses in conversion can occur, especially if users are redirected to other hosted payment page solutions. With PCI Assure, merchants benefit from fewer abandoned carts.”
PCI Assure was also designed for complete customization. Merchants just drop in the Tenzing IFRAME and provide Tenzing with a Cascading Style Sheet (CSS). Tenzing matches the credit card fields to the merchant’s design template, increasing transparency and raising their customer’s comfort level to complete their transactions successfully.
About Tenzing Managed IT Services
Founded in 1998, Tenzing is a leading provider of hosting solutions for e-commerce clients, System Integrators (SIs), and Software-as-a-Service (SaaS) providers. Tenzing’s mature IT Service Management (ITSM) and ITIL best practices provide the foundation for the reliable, secure, and scalable delivery of complex applications around the clock. Backed by comprehensive Service Level Agreements (SLAs), Tenzing is SSAE16 Type II, ISO 27001, PCI-DSS and Visa PCI certified with data centres in Dallas, TX, Toronto, ON, and Vancouver and Kelowna, B.C. For more information, visit: www.tenzing.com.
Director of Marketing and Product Management