March 14, 2013, 2:16 PM

Tokenization helps ShopNBC cut its PCI-compliance costs in half

The retailer now stores codes that can’t be used to make purchases.

Lead Photo

TV and Internet retailer ShopNBC.com last year added tokenization, a technology that changes consumers’ payment card information into randomized codes, to its payment security strategy to make it easier for it to comply with Payment Card Industry Data Security Standards—a set of rules created by payment card networks to protect cardholder data.

The retailer had kept access to encrypted credit card data in-house. And that required a large number of servers that had to be maintained and PCI-compliant, says Joan Radtke, senior director of credit at ShopNBC, No. 91 in the Internet Retailer Top 500 Guide

The retailer wanted to use tokenization to add another layer of payment security, but doing so is a large project that would require a lot of manpower. So the retailer decided to outsource the job to payment processor Litle & Co.

Since the retailer implemented tokenization in last year, ShopNBC’s servers don’t receive a real credit card number. Instead, when a customer enters his card data, Litle & Co. receives the payment information, stores and processes the payment card information and creates a token assigned to that card that it then sends to ShopNBC. The token effectively substitutes payment card information with a code that is valueless if ShopNBC’s systems are compromised.

Radtke says that it was important to move sensitive payment card information off ShopNBC’s storage systems. The move reduced the number of ShopNBC servers that had to be PCI-compliant she says. And it has helped cut its PCI-compliance costs in half.

comments powered by Disqus

Advertisement

Advertisement

Advertisement

From IR Blogs

FPO

Jock Purtle / E-Commerce

What is your e-commerce business worth?

The founder of a merger and acquisitions consulting firm examines how e-retailers can know the ...

FPO

Adrien Henni / E-Commerce

Alibaba and Chinese e-commerce rivals target Russia

Besides Alibaba, Chinese e-commerce companies like LightInTheBox and DinoDirect are seeking deals to get goods ...

Advertisement