In it the last topic covered is a view of the future: evolving compliance requirements, and the impact of technology. Which begs the question, what about technological advances – do they help or hinder in the effort to remain ahead of the cybercriminals?
New technology is a challenge in two respects: criminals can use it to attack in new ways, but also the new technology that you adopt may introduce new unforeseen attack vectors. The IT department may feel there’s a widening gulf between what they’ve anticipated and planned for, and what the potential threats may be.
But by dividing the problem up into its component parts, and searching for suppliers who specialise in those areas, the problem can be attacked at its root. For example P2PE allows you to deal with the sensitive data right at the point of entry; tokenization allows you to descope back-office systems such as loyalty, loss prevention, reconciliation and reports; and a hosted payments page allows you to remove your eCommerce system from the scope of PCI DSS. But it might not be possible to obtain all of these technologies from a single supplier, for example our research found that “Retailers want to combine a secure tokenization solution with a P2PE solution, however, they are finding that it is rarely easy to achieve and highly dependent on third party providers within the retailers immediate payments ecosystem.”
The ACI retailer solution can provide P2PE while still giving you a choice in selecting a PED manufacturer; similarly it can support tokenization independently of the acquirer or PSP you select; or call out to a hosted payments page.
We work with a large number of acquirers and PSPs; and multiple comms providers, HSM vendors, hardware vendors, POS application vendors, PED manufacturers, and system integrators, meaning that you can select the providers who are ideally positioned to deliver on your unique requirements – and combine their technologies with the ACI retailer solution to create a solution that is tailored to your exact needs.
Thank you for reading up to this point, which is the end of this blog series. Please do download the white paper, and I look forward to any comments you may have. My name is Michael Kyritsis, I’ve worked in the payments industry for 17 years, and I’m employed by ACI as lead solution consultant. Throughout my career I’ve been determined to see how EFT software is used by real customers, and I am continually discovering that each customer has unique requirements – there’s no one-size-fits all solution. Similarly each customer has unique perspectives to contribute to a collective “industry view”. Distilling this industry view, and seeing how it compares to our solution’s capabilities is both reassuring and challenging. I’ve concluded that in the ACI retailer solution we have the expertise and products to build a solution perfectly tailored to the requirements of the largest and most demanding global retailers.