From the Visa Security Summit in Washington D.C.—April 27, 2011–- Voltage Security, a global leader in enterprise and payment card data protection inside and outside the cloud, today announced a new encryption breakthrough for protecting personal data entered by consumers on web pages called PIE for Page-Integrated Encryption™. The company also announced Voltage SecureData Web™, a new enterprise-class data protection solution that uses the PIE encryption protocol, designed for e-commerce merchants struggling with protecting PAN (primary account number) data exchanged in web-based transactions and reducing PCI DSS audit scope in web applications and infrastructure.
“We are the only vendor to have a comprehensive payments security solution both for card-present and now e-commerce, via end-to-end encryption, tokenization and data masking,” said Mark Bower, vice president of Product Management for Voltage Security. “For the first time, merchants can retain total control of their customer experience in the important payment capture process, without having cardholder data present in their ecosystem or key management worries--reducing risk and PCI compliance cost in the process.”
PIE is particularly useful for e-commerce and other cloud-based applications that use confidential personal information such as credit card numbers, social security numbers and the like. It leverages the patented Voltage Format-Preserving Encryption™, which ensures that data retains its format and semantics upon encryption, this means minimal changes to existing systems resulting in overall lowered costs for protecting data end-to-end.
E-Commerce Merchants Remain Vulnerable
As growth in online retailing continues, e-commerce merchants also continue to be vulnerable to data breach risks across their network and application infrastructure. Studies show global e-commerce is growing by more than 19% per year worldwide, and retail web sales are predicted to reach nearly $1 trillion by 2013. At the same time, 13% of web hacking cases in 2010 were related to criminals seeking to steal consumer financial and identity data from e-commerce web sites.**
“Voltage is giving e-commerce merchants a better perimeter than they’ve had before,” commented George Peabody, director, Emerging Technology Advisory Services, Mercator Advisory Group. “There are no silver bullets in payments security, but this is a much-needed step forward for the industry.”
“The rapid adoption of cloud computing and mobile applications is compounding data protection problems,” said Judith Hurwitz, president and CEO of Hurwitz & Associates. “Business boundaries no longer exist and a lack of transparency compounds security risks for companies.”
The new Voltage solution, Voltage SecureData Web, is targeted to e-commerce merchants who struggle with keeping PAN data confidential and reducing the PCI DSS audit scope.
Another Encryption Breakthrough
PIE represents the cumulative efforts of Voltage’s extensive research and presence in the payments industry. It adds to the prior cryptographic breakthroughs commercialized by Voltage including: IBE, Voltage Identity-Based Encryption™, which is widely recognized as the next generation of public key cryptography and is the foundation of Voltage SecureMail, now the world’s leading email encryption solution; FPE, Format-Preserving Encryption™, provides a simple and effective way to protect data in applications and databases with minimal change impact to existing infrastructure, and powers Voltage SecureData and Voltage SecureData Payments, the most comprehensive solution for end-to-end and point-to-point encryption in the payments industry; and now, PIE, a simple but effective way to protect browser-exchanged sensitive data and keep merchants out of PCI audit scope.
Voltage recently called for new measures to protect consumers from wide-ranging data breaches in this piece, “The Epsilon Hack Attack: Time for ‘SOX’ for Consumer?”
More Information and Availability
Voltage SecureData Web is in pilot deployment with leading payment providers and will be available for general delivery in summer 2011. For more information and to sign up for an online overview, please visit http://www.voltage.com/solutions/ecommerce.
About Voltage Security
Voltage Security, Inc., an enterprise security company, is an encryption innovator and global leader in enterprise data protection for data residing both inside and outside the cloud. Voltage solutions provide cloud-scale encryption and simplified key management for protecting sensitive information wherever it is stored and processed, on-premise or in private and public clouds. Voltage solutions are in use at almost 1,000 enterprise customers, including some of the world’s leading brand-name companies in payments, banking, retail, insurance, energy, healthcare and government.
Voltage solutions reduce the risks associated with theft of sensitive and private information, support privacy guidelines including PCI DSS, HITECH, U.S. Data Breach Disclosure laws and European Data Privacy directives, and uniquely provide security of data coupled with unmatched usability which results in significantly lowered total cost of ownership.
Harnessing award-winning cryptography and key management, including Voltage Identity-Based Encryption™ (IBE) and a breakthrough innovation in data usability, Format-Preserving Encryption™ (FPE), Voltage solutions have changed how enterprises protect their most valuable asset, their customer data. Offerings include Voltage SecureMail™, Voltage SecureData™, Voltage SecureFile™ and Voltage Cloud Services™ which provides cloud scale encryption and key management for businesses, partners and their customers. The Company has been issued several patents based upon breakthrough research in mathematics and cryptographic systems. To learn more about Voltage customers please visit voltage.com/customers.