Twitter
Facebook
Linked In
RSS
Login or Register
New to InternetRetailing?
Register Now
Internet Retailing

This is your 1 complimentary article for this month

Become a member for unlimited and immediate access.


Register
Already a member? Log in here

Taking payments - without taking the risk

Linked InTwitterFacebookeCard

A brand new way of paying online has been unveiled by US technology company Akamai.

Its Edge Tokenization service means that merchants no longer need to touch customers’ credit card details at any point during the course of a transaction. Edge Tokenization is being released later this month in both the UK and the US.

The solution stems from tokenisation, which converts credit card data into an anonymous token, reducing the risk to customer data on merchants' systems. However Akamai’s Edge Tokenization takes that technology a step forward by converting the data to a token before it comes in contact with the retailer’s IT systems. That means retailers no longer need to come in any contact with customers’ credit card details – eliminating the risk that they may lose data, and the work of keeping that data secure.

Rather than being kept on their systems, customers’ true credit card details, along with the anonymous token, are instead stored in a secure data vault that is managed by Akamai.

Retailers who use the service can still allow customers to pay on the same site on repeated occasions using one-click purchasing or by choosing from previously-used credit card details. But retailers still don’t come into contact with the full credit card number, since only the last four digits of the credit card number are available to them in an untokenised form.

That reduces the information and data that retailers need to supply to auditors checking they comply with the Visa and Mastercard payment regulations.

The payments processing side of the service is delivered by Akamai’s partner, Visa-owned Cybersource, which says that the conversion of credit card data to a token reduces the risk to retailers if information is stolen or if their systems don’t comply with the Payment Card Industry Data Security Standard (PCI DSS) set by Visa and Mastercard, whose deadline for compliance expired on September 30. The cost of a compliance audit alone can come to six figures, according to Michael Suby, vice-president of research at Stratecast, a division of Frost & Sullivan. That doesn't include the cost of the technology and data security required in order to become compliant.

“We’ve always maintained merchants shouldn’t seek to secure payment data, but instead eliminate contact with it,” said Michael Walsh, president and chief executive officer of CyberSource. “Akamai’s Edge Tokenization automatically combines the concept of hosted payment acceptance and payment tokenization with cloud-based web infrastructure, making it easy for online merchants to meet compliance requirements with less cost, complexity and time.”

Tom Leighton, chief scientist and co-founder of Akamai, said: “Meeting stringent PCI compliance standards often takes repeated efforts, significant investment and regular maintenance, translating into high costs and significant IT resources. We developed Edge Tokenization as a cost-efficient solution for Web retailers to complete transactions in the cloud securely and at scale, without sacrificing performance.”

More information is available here.

Linked InTwitterFacebookeCard

Become a Member

Create your own public-facing profile
Gain access to all Top500 research
Personalise your experience on IR.net
Internet Retailing
We are the magazine, portal and research source for European ecommerce and multichannel retail, hosting the board-level conversation for retailers, pureplays and brands across all of our platforms. Join the conversation.

© InternetRetailing Media

Latest Tweet

Internet Retailing
Tamebay
eDelivery
Twitter
Facebook
Linked In
Youtube
RSS
RSS
Youtube
Google
Linked In
Facebook
Twitter