Akamai Technologies, the leading provider of cloud optimization services, today unveiled its Edge Tokenization electronic payment security service.
Seamless and undisruptive to a retailer's existing eCommerce workflow, the Akamai solution enables credit card data to be converted to a token prior to Web transactions landing on a merchant's infrastructure. By alleviating the requirement for retailers to route customer credit card data on their own infrastructure, the service helps reduce information theft and compliance risk while lowering Payment Card Industry Data Security Standard (PCI DSS) compliance costs. A first-of-its-kind offering, Edge Tokenization automates credit card tokenization within the Akamai cloud, providing exceptional levels of payment security and operational convenience for Web retailers without the need to increase spending on internal infrastructure.
As part of the Edge Tokenization launch, Akamai has integrated its cloud-based technology with tokenization solutions from its partner CyberSource, a Visa company, to enable seamless transmission of tokenized data. The relationship with CyberSource, one of the world's leading payment management services providers, offers Akamai's customers turnkey integration to enterprise payment tokenization services.
"We've always maintained merchants shouldn't seek to secure payment data, but instead, eliminate contact with it," said Michael Walsh, president and chief executive officer, CyberSource, "Akamai's Edge Tokenization automatically combines the concept of hosted payment acceptance and payment tokenization with cloud-based web infrastructure, making it easy for online merchants to meet compliance requirements with less cost, complexity and time."
Relying on Akamai's distributed and massively-scalable EdgePlatform, Edge Tokenization enables consumer credit card data to be identified and replaced with an anonymous token, which along with the true card number, is stored in a secure data vault managed by the tokenization provider.
Although hosted payment acceptance and payment tokenization solutions that eliminate the need to route or store credit card data on merchant infrastructure have been available for some time, Akamai's focus on next-generation, cloud security has produced the industry's first offering that automatically incorporates these technologies as a part of a merchant's web infrastructure, making it easier for merchants to adopt and maintain an Enterprise Payment Security 2.0 strategy.
"PCI DSS compliance has been a cost of doing business and can be substantial. For example, the reported cost for annual compliance assessments can be well into six figures and this does not count the costs to change systems and operations to become compliant," states Michael Suby, vice president of research at Stratecast (a division of Frost & Sullivan). "Leveraging a service like Edge Tokenization offers eCommerce companies an innovative way to reduce these costs while still protecting against card data breaches."
Additionally, by removing credit card data from the online merchant's infrastructure, Edge Tokenization helps customers conduct business more confidently in the cloud.
"Meeting stringent PCI compliance standards often takes repeated efforts, significant investment, and regular maintenance, translating into high costs and significant IT resources," said Tom Leighton, chief scientist and co-founder, Akamai. "We developed Edge Tokenization as a cost efficient solution for Web retailers to complete transactions in the cloud securely and at scale, without sacrificing performance."
Akamai interacts with existing payment gateway Application Programming Interfaces (APIs) to tokenize card and cardholder information without ever storing higher-risk data to disk. Because this transaction occurs on Akamai's level 1 PCI-compliant network, this replacement occurs securely and close to the end user, which further reduces potential risks.
In addition, by leverag¬ing Akamai's global, high-performance network, eCommerce providers are assured that their dynamic sites and transactions occur securely at scale without impact to transaction time or end-user experience, even in the case of Internet routing failures or outages.