Free PANscan Detects Forbidden Credit Card Data On Business Computer Systems

SecurityMetrics' automated scanning tool can protect retailers and other businesses from theft of cardholder data

March 24, 2011

2 Min Read


SALT LAKE CITY, March 23, 2011 /PRNewswire/ -- Businesses can now quickly determine whether they are among the 63% of organizations that have theft-prone credit/debit card information on their computer systems with PANscan, an automated scanning tool from SecurityMetrics that can be downloaded free of charge at The software can help protect retailers and other businesses from theft of cardholder data as well as regulatory fines.

Usable with a few clicks and no technical expertise, PANscan:

-- Searches for Primary Account Numbers (PANs) and Track 1 and 2 magnetic stripe data stored in clear text - without encryption - in violation of the Payment Card Industry Data Security Standard (PCI DSS). -- Triple-checks results to ensure accuracy. -- Reports the findings in a popup window as soon as the scan is complete. -- Performs scans as frequently as desired on any number of local hard drives, optical drives, network servers and/or external storage devices at no cost.

The discovery of unprotected cardholder data indicates an improperly designed or configured payment application, failure to erase old data when new payment applications are purchased, or improper card data handling and storage by employees. SecurityMetrics can assist in identifying the source of the problem as well as correcting it.

In addition, SecurityMetrics offers a full suite of other services to help businesses avoid payment card-related security breaches and card brand fines of up to $500,000 per incident for a PCI DSS violation. The firm's PCI Site Certification Services help businesses of all sizes fulfill PCI DSS requirements, including identifying security weaknesses such as misconfigured websites, applications and servers that can be exploited from outside the merchant's business via the Internet and validating PCI compliance to merchant banks as required.

About SecurityMetrics

SecurityMetrics, Inc. is a leading provider of Payment Card Industry (PCI) Data Security Standard (DSS) security solutions, including the most successful mass-merchant compliance model in the industry. The company is certified to perform PCI Scans (ASV), PCI audits (QSA), Payment Application Data Security Standards audits (PA-QSA), penetration tests and forensic incident response assessments (QIRA). SecurityMetrics also offers a security appliance that includes vulnerability assessment, intrusion detection and intrusion prevention capabilities. SecurityMetrics is a privately held corporation headquartered in Orem, Utah. For more information, contact SecurityMetrics at (801) 724-9600 or visit

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like

More Insights