Liaison Technologies’ Tokenization-as-a-Service Passes PCI-DSS 2.0 Audit
>> PCI-DSS 2.0 compliance assures merchants that Liaison’s cloud-based tokenization service is a highly secure environment for protecting customer credit card data
Liaison Technologies, a global provider of secure cloud-based integration and data management services and solutions, has announced that earlier this year, the Liaison Protect™ Tokenization-as-a-Service (TaaS™) cardholder data environment successfully passed a Payment Card Industry Data Security Standard (PCI-DSS) 2.0 audit and other major payment card association security requirements related to the protection of cardholder data.
Liaison engaged Trustwave®, an authorized third-party assessor for all major payment card associations, to conduct the assessment of the TaaS cardholder data environment hosted at the Verizon Computing as a Service (VzCaaS) hosting facility in Beltsville, Maryland. The cardholder data environment consists of the perimeter and internal firewalls, the Liaison Protect Token Manager application, the production VLAN, the Web VLAN and the VzCaaS Management VLAN. The PCI requirements are comprised of VISA’s Cardholder Information Security Program (CISP) and MasterCard’s Site Data Protection (SDP) program, as well as Discover’s (DISC) and American Express’s Data Security Operating Policies.
“Our cloud-based tokenization service offers merchants the same benefits of our on-premise tokenization solution, such as reducing PCI-DSS scope and compliance costs and decreasing IT management and capital expenditure requirements, while providing limitless data storage and retention,” said Christopher Hale, Liaison’s VP, Global Product Marketing. “We asked Trustwave to conduct a PCI-DSS audit on our TaaS cardholder data environment as proof of its high level of security and to further underscore Liaison’s continuing leadership in data security.”
Liaison Protect TaaS is a managed tokenization service that uses Liaison Protect Token Manager to protect credit cards and other types of structured sensitive data in a PCI-compliant cloud to improve security, reduce risk, ease compliance and minimize data security costs. To use Liaison Protect TaaS, customers enable one or more of their systems to interact with TaaS via web services. Administration, configuration, key management and operations are handled by Liaison to relieve customers of day-to-day data security tasks related to data tokenization.
Liaison is the first data security company to offer Format Preserving Tokenization™ on-premise and as a managed service in the cloud, giving customers a choice on how to tokenize any type of confidential information, including credit card numbers, Personally Identifiable Information (PII) such as Social Security Numbers, passwords and birthdates, Electronic Health Records (EHR) and components of business-to-business transactions such as order information. Unlike other tokenization service providers, Liaison guarantees customers ownership of their tokenized data, including the token/data relationship, should the service contract be cancelled. What’s more, companies that use Liaison Protect TaaS can still use their payment gateway and payment processors of choice.
About Liaison Technologies
Liaison Technologies is a global integration and data management company providing unique and high-value solutions to securely move, transform and manage business information on-premises or in the cloud. With a comprehensive array of business-to-business and application-to-application integration and data transformation services, Liaison's practitioners implement data management infrastructures adapted to specific business requirements. Headquartered in Atlanta, Liaison has offices in the Netherlands, Finland, Sweden and the United Kingdom. For more information, visit www.liaison.com.