PRESS RELEASE: March 17, 2010
Voltage Security Selected by
Fourth Largest Global Payment Processor for End-to-End Encryption and Tokenization
Fifth Third Processing Solutions to Offer Voltage Technology to Merchant Network as Preferred Solution
March 17, 2010 -- Palo Alto, CA -- Voltage Security, Inc. (www.voltage.com), the global leader in end-to-end data protection, today announced that Fifth Third Processing Solutions, the fourth largest merchant purchase transaction acquirer in the world, will offer Voltage-powered end-to-end encryption and tokenization to its merchant network of over 180,000 merchant locations including hundreds of PCI Level 1 merchants. Fifth Third Processing Solutions will integrate Voltage SecureData Payments™, a version of its industry-leading end-to-end encryption solution specifically tuned for merchants and payment processors, into its payment processing solution and make it available throughout its merchant network.
Voltage SecureData Payments extends data protection from card swipe to card brand hand-off, covering the critical endpoints of the payment stream. This means encryption and protection now covers authorization and settlement at card swipe and post-settlement business processes at the merchant and/or payment processor location.
“The multiple benefits of Voltage end-to-end encryption make it the natural choice for large payment processors such as Fifth Third Processing Solutions. We can scale quickly to meet their needs and integrate seamlessly with various data processing configurations, reducing audit scope and offering outstanding data protection at a greatly reduced cost as compared to other approaches,” said Sathvik Krishnamurthy, president and CEO of Voltage Security.
“We are committed to providing our merchant partners with the most secure payment processing solutions available,” said Bob Bartlett, CIO at Fifth Third Processing Solutions. “This end-to-end encryption solution offers an extremely comprehensive and useful approach to data protection.”
Voltage SecureData Payments Extends Protection, Simplifies Key Management
- Critical Endpoints of Payment Stream Now Protected
In most existing payment systems, credit card data is left unprotected during the authorization and settlement processes that immediately start upon card swipe or some other point of entry. At the back end of the payment stream, cardholder data is often left unprotected during routine business processes such as processing for loyalty programs, charge-backs or repetitive payments.
All too often data breaches can happen when card holder data is left unprotected at these critical endpoints of the payment stream. Now, with Voltage SecureData Payments, cardholder data is protected at these endpoints and as it flows throughout the payment stream.
Voltage uses the Identity-Based Key Encapsulation and Encryption Protocol (IBKEEP) to transmit data across the various end-points without the need for decrypting and re-encryption.
- Innovation in cryptography provides end-to-end encryption without massive IT system changes
Voltage end-to-end encryption features an innovative cryptography approach called Format-Preserving Encryption or FPE. With Voltage FPE, credit card numbers and other types of structured information are protected without the need to change format or structure. This means that changes to existing IT systems, such as databases and business applications, are dramatically reduced resulting in reduced PCI audit costs, rapid implementation and the lowest ongoing operational cost.
- Simplified Key Management Eliminates Need for Laborious Key Injection
With point-of-sale (POS) solutions that use legacy symmetric encryption, encryption keys must be reset annually for each POS device through a process called key injection. This procedure is expensive and cumbersome for merchants as they must take POS devices offline and ship them back to a secure facility for new keys.
Now POS devices enabled with Voltage’s end-to-end encryption operate using simplified key management which does away with any need to inject keys. With the Voltage approach, based on the IBKEEP protocol discussed above, encryption keys can be changed and rotated as needed and transparently, without impact to the underlying data or processes.
- Easy Integration with Voltage SecureData Enterprise to Extend Data Protection Throughout Organization
Now merchants and payment processors can easily extend their data protection efforts to other types of customer and employee data by integrating Voltage SecureData Payments with Voltage SecureData Enterprise. The use of common underlying architectures for end-to-end encryption and tokenization for both solutions enables easy extensibility throughout the enterprise to protect all types of private information, to reduce audit scope and to reduce costs associated with potential data breaches.
- Voltage SecureData Payments Compatibility with Host Systems and Wide Variety of POS Platforms
Voltage SecureData Payments provides native operation on a wide variety of merchant or payment processor host systems including mainframes, mid-range computer systems or open/cloud based-systems. In addition, easy connections can be implemented across a variety of POS devices including electronic cash registers and ecommerce payment platforms enabled with the previously announced Voltage SecureData POS software development kit (SDK).
The entire Voltage SecureData suite of solutions is available today and includes:
- Voltage SecureData Payments for payment processors and merchants for protecting payment, settlement and authorization data.
- Voltage SecureData Payments POS SDK for POS, ECR, mobile device manufacturers and ecommerce payment platform providers, enabling the protection of data at the point of card capture.
- Voltage SecureData Enterprise designed to protect all types of structured and unstructured data such as social security numbers, driver’s license as well as cardholder data using end-to-end encryption and tokenization
Please visit Voltage at www.voltage.com/end-to-end for more detailed information.
Webinar to Discuss How End-to-End Encryption Reduces Merchant Risks
The Electronic Transaction Association (ETA), Mercator Advisory Group and Fifth Third Processing Solutions will participate in a web seminar on March 18th, 2010, entitled “Protecting cardholder data - End-to-End Encryption and Tokenization” – which will describe how merchants can reduce the risks and costs associated with protecting cardholder data – to register visit http://www.voltage.com/solutions/technology/end-to-end-encryption/100311-protecting-cardholder-data.htm.
About Voltage Security
Voltage Security, Inc., an enterprise security company, is an encryption innovator and global leader in end-to-end data protection. Voltage solutions, based on next generation cryptography, provide end-to-end encryption, tokenization, masking and simplified key management for protecting sensitive information such as card holder data. Voltage products enable reduction in PCI audit cost with rapid implementation and the lowest total cost of ownership in the industry through the use of award-winning cryptographic solutions, including Voltage Identity-Based Encryption™ (IBE) and a new breakthrough innovation: Format-Preserving Encryption™ (FPE). Offerings include Voltage SecureMail™, Voltage SecureData™, Voltage SecureFile™ and the Voltage Security Network™ (VSN), an on-demand managed service for the extended business network.
As a service to the industry and general public, the company maintains the Voltage Data Breach Index and Map which is continuously updated with global data breach information: www.voltage.com/data-breach. The Company has been issued several patents based upon breakthrough research in mathematics and cryptographic systems. Customers include Global 1000 companies in banking, retail, insurance, energy, healthcare and government. To learn more about Voltage customers and sign up for the customer news letter please visit www.voltage.com/customers.
Voltage Identity-Based Encryption, Voltage Format-Preserving Encryption, Voltage SecureMail, Voltage SecureFile, Voltage SecureData and the Voltage Security Network (VSN), are registered trademarks of Voltage Security, Inc. All other trademarks are property of their respective owners.