Tenzing Managed IT Services

Tenzing Managed IT Services

April 25, 2012 08:00 ET

Tenzing Launches PCI Assure to Simplify Credit Card Data Security Compliance

New Service Provides Web Merchants With Fast, Easy and Cost Effective PCI-DSS Compliance

TORONTO, ONTARIO--(Marketwire - April 25, 2012) - Tenzing Managed IT Services (Tenzing), a leading provider of hosting solutions for e-commerce clients, partners and Software-as-a-Service (SaaS) providers, today launched PCI Assure, a new service that simplifies Payment Card Industry - Data Security Standard (PCI-DSS) compliance for e-commerce vendors. Tenzing's PCI Assure enables online merchants to capture customer credit card information from any website page while greatly shortening the PCI-DSS Compliance process to a few easy steps.

PCI-DSS is a security standard for organizations that handle cardholder information for major debit, credit, prepaid, ATM and Point of Sale cards. The standard was defined by the Payment Card Industry Security Standards Council and created to increase controls around cardholder data to reduce credit card fraud. Validation of compliance is done annually by an external Qualified Security Assessor (QSA) for organizations handling large volumes of transactions or by Self-Assessment Questionnaire (SAQ) for companies handling smaller volumes.

The heart of the PCI Assure system is a unique tokenization solution. The "data vault" allows Tenzing to securely store credit card information. When credit card information is put into Tenzing's data vault, a token is created to represent the real credit card. The token is then used by the merchant and can be stored freely on any computer system. The token can never be decrypted outside of PCI Assure so even if it ends up in the wrong hands, the number cannot be used to breach real credit card data.

"With highly publicized data breaches on the rise, companies need to take a closer look at credit card security and PCI-DSS compliance," says Brian Shepard, Founder and CEO of Tenzing. "Whether a retailer is new to e-commerce or simply concerned about their current PCI-DSS compliance status, handling this in-house exposes their organization to significant risk, and requires extensive time and human resources to manage."

Tenzing's PCI Assure uses IFRAME technology that can be easily embedded into any web application. The PCI Assure IFRAME only captures credit card and card verification value or code (CVV) fields, leaving the remainder of the fields on the merchant's website. Tenzing's IFRAME is secure and 100 per cent Level 1 PCI compliant. Since a merchant's website never sees customer credit card information, their compliance process can be reduced to completing a simplified SAQ Type A.

PCI Assure has already been integrated into major payment gateways, including Paypal Payflow Pro, Authorize.net, iPay and others.

"PCI Assure allows for total flexibility at checkout," adds Shepard. "Merchants know that the checkout process is where the biggest potential losses in conversion can occur, especially if users are redirected to other hosted payment page solutions. With PCI Assure, merchants benefit from fewer abandoned carts."

PCI Assure was also designed for complete customization. Merchants just drop in the Tenzing IFRAME and provide Tenzing with a Cascading Style Sheet (CSS). Tenzing matches the credit card fields to the merchant's design template, increasing transparency and raising their customer's comfort level to complete their transactions successfully.

About Tenzing Managed IT Services

Founded in 1998 and having more than 450 clients, Tenzing is a leading provider of hosting solutions for e-commerce clients, partners and Software-as-a-Service (SaaS) providers. Tenzing's mission-critical hosting infrastructure, mature ITIL / IT Service Management (ITSM) practices, and comprehensive Service Level Agreements (SLAs), enable the reliable, secure, and scalable delivery of complex applications. Tenzing is ISO 27001 and SAS 70 Type II certified with data centres in Toronto, Vancouver and Kelowna, B.C. For more information, visit www.tenzing.com.

Note to Editors: Tenzing is hosting a webinar focused on PCI-DSS Compliance on Thursday, April 26 at 2pm ET. To attend, please contact Andrew Ramsey at @andrew.ramsey@tenzing.com or 1-877-767-5577 x 438.

Contact Information