CyberSource Announces Enterprise Payment Security 2.0

Company outlines its approach to the effective protection of payment data

September 29, 2009

2 Min Read


READING, UK " September 29, 2009 " CyberSource Ltd., the UK-based subsidiary of CyberSource Corporation (NASDAQ: CYBS), today outlined its approach to the effective protection of payment data " Enterprise Payment Security 2.0. Where payment security has traditionally focused on "locking down" data via encryption, CyberSource supports the elimination of raw payment data from a merchant's environment.

The most common way to address the risk of payment data loss today is encryption. According to CyberSource, this is a partial, complex, and costly approach that still leaves merchants with vulnerable data on their systems. Recently publicised data breaches have demonstrated that the lock-down model is inadequate, unmanageable or both. Clearly, payment security still presents challenges for the eCommerce industry.

With the launch of a new whitepaper, "Enterprise Payment Security 2.0: A New Look at Payment Security Management", CyberSource is offering a different management strategy " the eradication of storage, capture and back-office exposure of payment data. The whitepaper shows how merchants can rid their systems of sensitive payment information, including:

  • Eliminate payment data storage. Using payment tokenisation with remote secure storage, merchants can store payment data at a payment security"certified service provider. A secure "payment token" and a masked account number are returned for use by the merchant's system to reference the transaction in subsequent actions.

    • Eliminate payment data capture. Through Hosted Payment Acceptance, merchants' customer payment information is captured directly by the payment network—it never enters merchants' systems.

    • Eliminate back-office exposure to payment data. This can be accomplished by a number of tactics, including the outsourcing of tasks such as manual order review and chargeback management. Dr Akif Khan, Head of Client and Technical Services at CyberSource Ltd., says: "Enterprises shouldn't have to handle payment data, ever. If there's nothing to steal, the risk of a breach is effectively eliminated. By taking away contact with payment data, merchants will have a security solution that is safer, easier to manage, simpler and less costly to certify.

      Perhaps most importantly, Enterprise Payment Security 2.0 can help mitigate the threat to merchants' brands and reputation." "Enterprise Payment Security 2.0: A New Look at Payment Security Management" is available for download at:

      For more information on CyberSource's Payment Security Services, please see: About CyberSource Ltd.

      CyberSource Ltd. is a wholly-owned subsidiary of CyberSource Corporation (NASDAQ: CYBS). CyberSource solutions enable electronic payment processing for Web, call centre, and POS environments. CyberSource also offers industry leading risk management solutions for merchants accepting card-not-present transactions. CyberSource Professional Services designs, integrates, and optimises commerce transaction processing systems. Over 273,000 businesses use CyberSource solutions, including half the companies comprising the Dow Jones Industrial Average. The company is headquartered in Mountain View, California, and has sales and service offices in Japan, the United Kingdom, and other locations in the United States including Bellevue, Washington and American Fork, Utah. For more information on CyberSource Ltd. please visit or email [email protected].

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like

More Insights