We notice you are visiting from a U.S. Internet provider. 
17/08/2011 -
Last week, the Payment Card Industry Security Standards Council released guidelines for the use of tokenization payment processing technologies. Tokenization has been praised as an option for merchants looking to establish payment networks that limit access to sensitive financial data, as stipulated under PCI Data Security Standard regulations.The PCI SSC released the guidelines in response to the lack of viable regulatory or standardization procedures related to the technologies.
While the guidelines are far from obligatory, the Council advices retailers to adopt systems with strong authentication and permission controls for access to the tokenization system. All tokenization components should be included within a PCI DSS compliant environment, the report adds.
"Since the goal in PCI compliance is often to reduce the amount of cardholder data that enters the general business network, the report notes that if the primary account number (PAN) is retrievable by the merchant using the tokenization system in place, the 'merchant's environment will be in scope for PCI DSS,'" reports Ellen Messmer for NetworkWorld.
The guidelines also stipulate that all tokenization procedures and technologies should be compliant with PCI DDS.
