First Data® Secure Transaction Management(SM) Service Leverages Encryption and Tokenization Technology from EMC's Security Division to Reduce Risk and Cost Associated with Processing Card Data and PCI Compliance
ATLANTA and BEDFORD, MA (Sept. 22, 2009) - First Data, a global leader in electronic commerce and payment processing services, and RSA, The Security Division of EMC (NYSE: EMC), have teamed up to provide a new service called First Data® Secure Transaction Management(SM), which is engineered to enable merchants to secure payment card data and remove it from their environment while allowing access when needed. The new First Data Secure Transaction Management service, offered exclusively by First Data and powered by the RSA SafeProxy™ architecture, is designed to dramatically reduce the cost and complexity of complying with the Payment Card Industry Data Security Standard (PCI DSS).
By using the First Data Secure Transaction Management service, payment card data is encrypted at the time it is captured by the merchant's existing point-of-sale application and remains encrypted until it is securely delivered to the First Data authorization switch where decryption occurs. Once authorized through the switch, the card number is replaced by a "token" value that cannot be linked back to the original card data, but otherwise behaves like a card number. This enables the merchant to eliminate card numbers from various business applications without the need for costly application or point-of-sale hardware modifications. When needed, merchants can access the original card number through a secure vault that First Data maintains for controlled authorized look-ups. This outsourced service helps merchants to reduce the risks associated with the loss of cardholder data, avoid fines, and help prevent the loss of brand equity and trust.
"The increasing need for data protection and the growing complexity of PCI DSS compliance are driving merchants to evolve their business strategies for securing customers' sensitive information," said Robert Vamosi, security/risk & fraud analyst for Javelin Strategy & Research. "Organizations that can employ a layered approach to data security, one that capitalizes on the inherent advantages of encryption, tokenization and other technologies, will be well positioned to protect card data and reduce the scope of PCI compliance."
The First Data Secure Transaction Management service is powered by the RSA SafeProxy™ architecture, which employs a unique combination of tokenization, advanced encryption and public-key technologies that are engineered to provide merchants with the capability to eliminate credit card data from their environments without loss of business functionality or massive rewrites of applications.
"Payment card data protection and PCI compliance are some of the most significant challenges that our merchant customers face today. Addressing these challenges is both complex and costly," said Michael Capellas, chairman and chief executive officer of First Data. "The simplicity of integrating encryption with tokenization through the First Data Secure Transaction Management service dramatically redefines how merchants of all kinds manage and protect their customer payment data."
"To comply with the PCI DSS and reduce risk, organizations need security controls built into their infrastructure, and not bolted on," said Art Coviello, executive vice president, EMC Corporation and president, RSA, The Security Division of EMC. "Rather than addressing security risks by deploying disparate point controls throughout their infrastructure, First Data Secure Transaction Management provides organizations with a simplified and scalable solution that helps radically reduce management complexity and costs."
First Data and RSA will host a media conference call today at 11:00 a.m. Eastern Time (ET). Media interested in participating should dial (888) 208-1812. Michael Capellas of First Data and Thomas Heiser, Senior Vice President of Global Customer Operations, RSA, will provide opening remarks and then take questions in an open forum.
About First Data
First Data powers the global economy by making it easy, fast and secure for people and businesses to buy goods and services using virtually any form of electronic payment. Whether the choice of payment is a gift card, a credit or debit card or a check, First Data securely processes the transaction and harnesses the power of the data to deliver intelligence and insight for millions of merchant locations and thousands of card issuers in 36 countries. For more information, visit www.firstdata.com.
About RSA
RSA, The Security Division of EMC, is the premier provider of security solutions for business acceleration, helping the world's leading organizations succeed by solving their most complex and sensitive security challenges. RSA's information-centric approach to security guards the integrity and confidentiality of information throughout its lifecycle - no matter where it moves, who accesses it or how it is used.
RSA offers industry-leading solutions in identity assurance & access control, data loss prevention, encryption & key management, compliance & security information management and fraud protection. These solutions bring trust to millions of user identities, the transactions that they perform, and the data that is generated. For more information, please visit www.RSA.com and www.EMC.com.
Supporting Resources:
Michael Capellas and Art Coviello Discuss New Alliance
Media Relations Contacts:
Elizabeth Grice, First Data
303-967-8526; elizabeth.grice@firstdata.com
Alison Parker, OutCast PR (for RSA)
212-905-6048; alison@outcastpr.com
Investor and Analyst Relations Contact:
Silvio Tavares, First Data
404-890-3000; silvio.tavares@firstdata.com
###
RSA and SafeProxy are either registered trademarks or trademarks of RSA Security Inc. in the United States and/or other countries. EMC is a registered trademark of EMC Corporation. All other products and/or services mentioned are trademarks of their respective countries.
This release contains "forward-looking statements" as defined under the Federal Securities Laws. Actual results could differ materially from those projected in the forward-looking statements as a result of certain risk factors, including but not limited to: (i) adverse changes in general economic or market conditions; (ii) delays or reductions in information technology spending; (iii) our ability to protect our proprietary technology; (iv) risks associated with managing the growth of our business, including risks associated with acquisitions and investments and the challenges and costs of integration, restructuring and achieving anticipated synergies; (v) competitive factors, including but not limited to pricing pressures and new product introductions; (vi) the relative and varying rates of product price and component cost declines and the volume and mixture of product and services revenues; (viii) component and product quality and availability; (viii) the transition to new products, the uncertainty of customer acceptance of new product offerings and rapid technological and market change; (ix) insufficient, excess or obsolete inventory; (x) war or acts of terrorism; (xi) the ability to attract and retain highly qualified employees; (xii) fluctuating currency exchange rates; (xiv) litigation that we may be involved in; and (xiii) other one-time events and other important factors disclosed previously and from time to time in the filings of EMC Corporation, the parent company of RSA, with the U.S. Securities and Exchange Commission. EMC and RSA disclaim any obligation to update any such forward-looking statements after the date of this release.
