VeriFone Systems (NYSE: PAY), and Coalfire Systems, today announced that an independent assessment by Coalfire has determined that VeriFone's VeriShield Protect end-to-end encryption solution meets all Visa Data Field Encryption guidelines as well as other industry standards.
Coalfire, a Payment Card Industry (PCI) Qualified Security Assessor (QSA), recently completed the assessment, which included technical testing, architectural assessment, industry analysis, compliance validation and peer review of VeriShield Protect. The assessment concluded that, "the VeriShield Protect solution can reduce the cost of PCI compliance assessment and validation and allow [merchants] to invest more of those dollars into risk mitigating controls." A copy of the report is available at http://www.verifone.com/lp/verishield-protect.aspx.
In addition to achieving Visa's best practices for data field encryption, Coalfire determined that with VeriShield Protect, a payment application or point-of-sale (POS) system that is not Payment Application Best Practices (PABP) or Payment Application Data Security Standard (PA-DSS) validated can be taken out of PCI scope if all payment data is captured through the VeriShield Protect solution and the system is cleansed of all legacy card data.
"Coalfire's report indicates we achieved our goal of creating a payment security solution that will reduce the cost of PCI compliance," said Jeff Wakefield, VeriFone vice president and general manager, Global Security Solutions. "With VeriShield Protect, merchants can eliminate almost all risk of payment card data compromise."
Other key findings include:
• VeriFone's format-preserving VeriShield Hidden Encryption meets encryption best practices and standards for cryptographic algorithms and key strength.
• The VeriShield Protect solution integrates securely with PC based POS or cash registers.
• VeriShield Hidden Encryption provided successful integration with all payment application, POS and back-office servers tested.
"The VeriFone VeriShield Protect solution has impressed our technical assessment team and our QSA auditors," said Rick Dakin, Coalfire CEO and co-founder. "The overall scope of platforms, technology and tools are well architected and effective."