We notice you are visiting from a U.S. Internet provider. 
12/02/2010 -
For businesses whose merchant services include debit and credit card processing, maintaining PCI compliance can be seen as expensive and arduous. However, the cost and frustration of a payment processing security breach far outweigh those involved with PCI compliance.To make PCI compliance a bit less expensive and burdensome, merchants may want to consider software-as-a-service (SaaS)-based tokenization solutions, said payment processing industry expert Larry Wine.
In an article for IT Business Edge, Wine reported that a SaaS tokenization model "ensures no customer card data resides within company systems," thereby improving payment processing security.
In addition, this model saves money, because the maintenance of payment processing security measures is outsourced to the tokenization provider. "It's a simple premise: the less data there is onsite the less it costs to keep it secure. This will also reduce the complexity of a company's PCI audit," Wine wrote.
Tokenization, along with end-to-end-encryption, is currently being evaluated by the PCI Security Standards Council for possible inclusion in the next version of the PCI DSS, due out in October. The council is now in the process of evaluating feedback from payment processing industry players on the new regulations.
