"Tokenization" by Lufthansa Systems
The increasing abuse of credit card data has prompted the major credit card companies to introduce a new standard for the processing of credit card data – the Payment Card Industry Data Security Standard (PCI DSS). Failure to comply with these rules can result in fines for companies of up to USD 50,000 per month. The PCI regulation catalogue of the PCI Council contains more than 380 detailed requirements which must be followed when using card data.
Key features
Our Value Added Product PCI Compliance Engine is a solution which facilitates your PCI DSS compliance with the minimum of effort. It uses a completely new and innovative approach. Our basic concept is that if the card data no longer exists, it does not need protecting any more. The new technology temporarily eliminates the card number and replaces it with a token or artificial ID. The tool is the only data unit which isolates and stores the credit card numbers centrally.
As the artificial ID is neither a credit card number nor an encrypted credit card number, the PCI DSS requirements for the applications concerned are no longer relevant – and must therefore no longer be met.
Key benefits
- Efforts to become PCI DSS compliant are reduced to a minimum
- Fast implementation due to gradual and risk-minimized procedure
- Central approach reduces the risk of misuse and prevents financial and image-damaging effects
- Proven high-availability of 99.9% possible
Target group
PCI Compliance Engine is suitable for all airlines – particularly for those with several in-house applications affected by PCI DSS.
back
