The holiday shopping rush puts tremendous pressure on retailers to not only work efficiently to meet heightened demand, but to also keep a watchful eye on their customers’ data. PCI Data Security Standards, which set minimum security requirements for companies that store or process credit cards, specifically call for two-factor authentication when the network is accessed remotely by employees, administrators or a third-party. Large retailers face a number of unique challenges in addressing this requirement, including geographically diverse retail locations, high employee turnover rates, and seasonal workers. These risks all are compounded during the holiday season, making them a key target for hackers.
“After TJX and, more recently, the Heartland breach shining a spotlight on credit card data security, retailers are under a tremendous amount of pressure to protect their customers, and the PCI Data Security Standards are an important part of that,” said Steve Dispensa, PhoneFactor CTO and co-founder. “PhoneFactor enables rapid, cost-effective compliance with PCI DSS and adds a critical layer of security to prevent unauthorized access to highly sought after credit card data.”
By leveraging something every user already has – a phone – to authenticate user logins, PhoneFactor is ideal. A user simply logs in with a username and password. Instantly, his phone rings. He answers, presses # (or enters an optional PIN), and is immediately granted access. PhoneFactor also offers text messaging and voice biometric options.
Because there are no security tokens to provision and no software or certificates for end users to install, PhoneFactor can quickly be enabled for large numbers of employees at retail locations worldwide.
“PhoneFactor provided New York & Company with rapid two factor authentication for PCI DSS compliance requirements that was extremely easy for our employees and partners to use,” remarked Bill Voit, CIO. “Our IT department had it up and running in just hours and all users were able to use it within a few days.”
PhoneFactor has been part of countless PCI DSS audited customer implementations. With PhoneFactor, all user data is stored within the customer’s network and advanced logging is available for auditing purposes. In addition to meeting PCI DSS requirements for two-factor authentication, many retailers incorporate PhoneFactor’s fraud alerting capabilities into their incident response plans.
About PhoneFactor PhoneFactor is a leading provider of two-factor authentication. The company’s award-winning platform uses any phone as a second form of authentication. PhoneFactor’s out-of-band architecture and real-time fraud alerts provide strong security for enterprise and consumer applications. It’s easy and cost effective to set up and deploy to large numbers of geographically diverse users. PhoneFactor was recently named to the Bank Technology News FutureNow list of the top 10 technology innovators securing the banking industry today and a finalist in the SC Magazine Reader Trust Awards. Learn more at www.phonefactor.com.