OverviewEmail Security SecureTransport Validation Authority                          
OverviewIndustry Solutions Application Solutions                                                                     
OverviewPortal Login Consulting Training Contact                                           
Overview Find a Partner Apply Now Technology                         
 
 

Solutions: PCI Compliance

Solutions for PCI Data Security Standard Compliance

It's hard to read the news without seeing a notice of yet another payment card data breach. Retail merchants, banks, and payment card processors are under pressure to adhere to the Payment Card Industry Data Security Standard, and put into place layers of security and policies that ensure the protection of cardholder information. Non-compliance can be costly - recent studies indicate that the cost of a single payment card breach can run from hundreds of thousands to tens of millions of dollars in lost customers and reputation, financial compensation, and legal costs.

On the path to PCI compliance, it is important for companies to consider the payment-related processes that require the transfer of sensitive credit card information every day, and implement solutions that protect cardholder data in motion against potential threats. Files containing daily receipts or chargeback information for payment cards must be shared safely with partners, questions about credit card applications may need to be encrypted and emailed from employee to supervisor, unintentional cardholder information leaks need to be detected and blocked.

Tumbleweed offers a suite of secure communication solutions that enable merchants, payment processors, and payment card issuers to achieve compliance with the Payment Card Industry Data Security Standard, securing an electronic communication path for the safe transfer of millions of customer records, and automatically encrypt and delivering cardholder information in email messages. With Tumbleweed solutions, you can meet PCI compliance objectives and have ready access to necessary payment card information.

Tumbleweed Solutions for PCI Compliance

Tumbleweed MailGate™ – Email Compliance, Network Protection and Secure Messaging

Tumbleweed MailGate products provide network protection, email compliance, and secure messaging services that protect against unintended or unprotected transmission of cardholder data through email. MailGate products use policy-based content filtering to identify sensitive information in email and attachments and block or encrypt messages to enforce business policies. These products incorporate ready-to-use templates that identify magnetic stripe data, primary account numbers, and other sensitive cardholder information in email messages, so that you can achieve PCI compliance by protecting, controlling, and tracking cardholder information sent through e-mail. MailGate products install quickly and are easy to manage, allowing you to add multiple layers of protection to your existing email network—without requiring changes to your enterprise systems, applications, protocols, or end-user procedures. Using MailGate products, retail merchants and payment card service providers can:

  • Identify and block messages containing restricted magnetic stripe data, using dedicated PCI lexicons with powerful filtering and policy definition technology.
  • Detect and encrypt cardholder data in email messages, or report and block attempted transmission of cardholder data to detect unauthorized use.
  • Track and document PCI compliance to conduct pre-audits or demonstrate resolution of past audit issues.
  • Protect PCI-related data and systems from external threats with comprehensive security against spam, viruses, worms and hacker intrusions

Learn More about MailGate - Email Security Solution

Tumbleweed SecureTransport™— Secure File Exchange, Process Automation and Services

Tumbleweed SecureTransport is an enterprise-class file-transfer solution that enables merchants, banks, and payment card service providers to use public networks for secure customer services, process automation, and payment card information transfer with other partners. By deploying a secure infrastructure for transferring cardholder data over the Internet, these companies can reduce the potential loss of large volumes of cardholder information.  Secure Transport ensures end-to-end protection for file transfers with strong encryption and access control, plus an architecture that prevents storage of sensitive data in the DMZ.  Using SecureTransport, retail merchants and payment card service providers can:

  • Use a secure point-to-point file transfer protocol to share payment card information with partners in a safe and efficient Internet communications model 
  • Conduct B2B and EDI transactions with strong encryption, using standards-based Internet protocols with FTP, FTPS (SSL/TLS), SFTP (SSH), HTTP, HTTPs (SSL/TLS) and AS2
  • Audit and report on data exchanges to demonstrate regulatory compliance

Learn More about SecureTransport - Secure File Transfer Solution

^ back to top

Tumbleweed Products

Industry Solutions

Healthcare Government Financial

Additional Information

Whitepapers

Achieve PCI Compliance for Email and File Transfers

HIPAA-Compliant
Process Automation

Healthcare Industry Best Practices for Securing Email

Brochures

SecureTransport

Secure Messenger

Datasheets

PCI Compliance

Fact Sheets

HIPAA Accelerator

Articles

IT Teams Gear Up For Virus Attacks
(Healthcare IT News)

HIPAA and other government regulations may help spur the adoption of secure messaging technologies (Information Week)

Tumbleweed Partners with Child Health Corporation of America (CHCA)