Voltage Security, a global leader in enterprise and payment card data protection inside and outside the cloud, today announced a new encryption breakthrough for protecting personal data entered by consumers on web pages called PIE for Page-Integrated Encryption.
The company also announced Voltage SecureData Web, a new enterprise-class data protection solution that uses the PIE encryption protocol, designed for e-commerce merchants struggling with protecting PAN (primary account number) data exchanged in web-based transactions and reducing PCI DSS audit scope in web applications and infrastructure.
"We are the only vendor to have a comprehensive payments security solution both for card-present and now e-commerce, via end-to-end encryption, tokenization and data masking," said Mark Bower, vice president of product management for Voltage Security. "For the first time, merchants can retain total control of their customer experience in the important payment capture process, without having cardholder data present in their ecosystem or key management worries -- reducing risk and PCI compliance cost in the process."
PIE is particularly useful for card-not-present (CNP), e-commerce and other cloud-based applications that use confidential personal information such as credit card numbers, social security numbers and the like. It leverages the patented Voltage Format-Preserving EncryptionTM which ensures that data retains its format and semantics upon encryption; this means minimal changes to existing systems resulting in overall lowered costs for protecting data end-to-end.
E-Commerce Merchants Remain Vulnerable
As growth in online retailing continues, e-commerce merchants also continue to be vulnerable to data breach risks across their network and application infrastructure. Studies show global e-commerce is growing by more than 19% per year worldwide, and retail web sales are predicted to reach nearly $1 trillion by 2013.* At the same time, 13% of web hacking cases in 2010 were related to criminals seeking to steal consumer financial and identity data from e-commerce web sites.**
"Voltage is giving e-commerce merchants a better perimeter than they've had before," commented George Peabody, director, Emerging Technology Advisory Services, Mercator Advisory Group. "There are no silver bullets in payments security, but this is a much-needed step forward for the industry."
"The rapid adoption of cloud computing and mobile applications is compounding data protection problems," said Judith Hurwitz, president and CEO of Hurwitz & Associates. "Business boundaries no longer exist and a lack of transparency compounds security risks for companies."
The new Voltage solution, Voltage SecureData Web, is targeted to e-commerce merchants who struggle with keeping PAN data confidential and reducing PCI DSS audit scope.
Another Encryption Breakthrough
PIE represents the cumulative efforts of Voltage's extensive research and presence in the payments industry. It adds to the prior cryptographic breakthroughs commercialized by Voltage including: IBE, Voltage Identity-Based EncryptionTM, which is widely recognized as the next generation of public key cryptography and is the foundation of Voltage SecureMailTM, now the world's leading email encryption solution; FPE, Format-Preserving EncryptionTM, which provides a simple and effective way to protect data in applications and databases with minimal change impact to existing infrastructure, and powers Voltage SecureDataTM and Voltage SecureData PaymentsTM, the most comprehensive solution for end-to-end and point- to-point encryption in the payments industry; and now, PIE, a simple but effective way to protect consumer information when shopping online from a PC or mobile device.
Voltage recently called for new measures to protect consumers from wide-ranging data breaches in this piece, "The Epsilon Hack Attack: Time for 'SOX' for Consumer?"