The TransArmor payments service is designed to change the way merchants secure and manage cardholder data. The TransArmor solution removes payment card data from the merchant environment as part of processing the transaction, reducing risk and the scope of PCI compliance efforts.
The solution leverages the RSA SafeProxy architecture, a combination of asymmetric encryption, tokenization and key management engineered to provide the benefit of end-to-end protection and eliminate on-site cardholder data storage for merchants. The features of the token help merchants to continue to handle key business functions such as returns, recurring billing, loyalty programs and other analysis, without enabling card data to be used for fraudulent transactions.
The TransArmor solution can be implemented without the need for new hardware or back-end IT operations. The solution works with First Data as well as other terminals or point-of-sale systems and can be consistently applied across brick-and-click environments.
With the TransArmor solution, customer card information will be retained only at the processor and protects merchants from the dangers of malicious attacks designed to steal payment card data in transit or in storage from merchant databases.
Teams from RSA and EMC Consulting worked collaboratively with First Data through product strategy development and technology proof of concept for a pilot and product launch.
Brad Morgan, senior IT operations manager at COSI, said: “TransArmor gives us peace of mind that their payment card data is locked in a virtual vault at First Data and nowhere on site at COSI.”
Brian Fitzgerald, vice president of marketing and RSA, the security division of EMC, said: “TransArmor successfully embeds industry-leading security technology into the payment processing infrastructure to make it available to, and more importantly, usable, by merchants of all sizes. TransArmor is an example of the type of partnerships required from industry leaders that will reduce the reliance on point solutions and enable an industry ecosystem with pervasive built-in security.”