SafeNet, a global leader in information security now affiliated under common with Aladdin Knowledge Systems, today announced that Tutuka, a South African-based payment processor, has selected SafeNet's DataSecure platform and ProtectHost (PH) EFT hardware security module (HSM)-two components of SafeNet's Enterprise Data Protection (EDP) Security Suite-in order to meet PCI DSS and EMV compliance.
Tutuka provides organisations with software-based solutions for gift vouchers, gift cards, prepaid Mastercards, prepaid cash replacement and loyalty programs, enabling these organisations to reach their customers who typically do not use traditional credit card payment options. Through Tutuka's core platform, these payment methods can be easily and securely issued, redeemed, tracked, and reported on through multiple channels such as point of sales, terminals, EFT switches, self-service kiosks, telephone, and the Web.
"The PCI DSS requires us to encrypt credit card data that resides on our Microsoft SQL database and, to comply with EMV, we needed a secure form of chip and PIN generation," said Shaun Hodgkiss, technical director, Tutuka. "Our selection of SafeNet EDP was based on the recommendation of a leading industry assessor, as well as the company's long-standing history of solving data protection and compliance challenges for financial enterprises."
Tutuka needed a cost-effective security solution that would not only install quickly with their existing infrastructure, but could be built upon as the company expands its services and, inevitably, faces new compliance and data protection issues. Tutuka implemented SafeNet's DataSecure platform and PH EFT HSM in less than six months and, by using a single vendor for multiple platforms, reduced their overall cost and complexity of compliance.
"Unlike disparate, multi-vendor point solutions, SafeNet EDP provides an integrated security platform with centralized policy management and reporting for seamless control of encrypted data," said Joe Moorcones, corporate vice-president and general manager, Commercial EDP Division, SafeNet. "With SafeNet EDP, enterprises handling payment information can avoid fines for non-compliance, offer their customers the peace of mind that comes with knowing their assets are safe, and mitigate potential legal liabilities in the future."
>>SafeNet DataSecure allows commercial and government organisations to ensure compliance and limit liabilities by protecting any sensitive data accessed by employees, customers, or third parties. For data protection, DataSecure is the only appliance-based encryption technology available that features granular, field and file level encryption capabilities and that can be integrated with file, web, application, and database servers as well as PCs.
Compliant with FIPS 140-2 Level 2 and Common Criteria Evaluation Assurance Level 2, DataSecure centralises all cryptographic processing, key management, logging and auditing, and security policies on a single, hardened appliance, which maximises overall security.
ProtectHost EFT HSM prevents identity theft and other e-crimes by encrypting PINs, passwords, and online transaction data. It is designed for EFT and payment system processing environments, providing security for online banking transactions and applications for credit, debit, and chip cards. The PH EFT encrypts data at the client browsers and decrypts it at the host, so transactions are secure from point of entry through processing and authentication.
The PH EFT PIN Mailer System enables printing of PINs directly to secure PIN envelopes, eliminating the need to hook up to a different machine. As the world's fastest electronic-funds transfer technology, the PH EFT operates at 1200 operations per second and features EMV support that specifically meets mandated requirements for payment processors-like Tutuka-card issuers, acquirers, merchants, and e-payment providers.
SafeNet's complete EDP Solution Suite includes database and application data encryption, disk and file encryption, centralised key management, network and WAN encryption, and two-factor authentication.
Twitter
Daily newsletter