Discover What the First Data® TransArmor® solution Can Do for You

A unique combination of two distinct data security techniques - encryption and tokenization. The First Data® TransArmor® solution offers multilayered protection.

Our security solution offers these industry-leading benefits:

  • The most readily available card data security solution in the marketplace – offered on multiple payment solutions to fit merchant’s needs
  • Protects customer’s valuable payment card data from the growing threat of payment card thefts
  • Encrypts card data as soon as it enters the merchant environment — prior to transmission — and is protected throughout the entire transmission process
  • Reduces PCI compliance scope, effort and cost by removing payment card data and replacing with a token
  • Allows you to safely store customer data for business processes, customer analytics, recurring payments and more

With the TransArmor solution, payment card data is protected at every transaction stage — in transit, in use and at rest — reducing risk as well as the scope and cost of PCI compliance.

Ignite Payments uses First Data's processing engine.

Small Businesses Can be Easy Targets

Criminals have realized small businesses lack the capabilities of the larger organizations; therefore they have become an easy target. A criminal cannot steal what you don’t have! TransArmor solution reduces the associated risks of transmitting and storing sensitive card data by removing it entirely, and transfers the liability of protecting cardholder data to First Data.

  • 90% of breaches impact small merchants
    (source: 2011 Trustwave survey)
  • 78% of breaches focus on stealing payment card data
    (source: 2011 Verizon Data Breach Investigations Report)
  • $214 average cost per card or record breached
    (source: 2010 Ponemon Institute Annual Study)

Remove Data. Reduce Risk.

Payment card numbers are valuable and represent prime targets for fraudsters and cyber-criminals. Frequently, merchants might have to decide whether to keep the data for back-end business processes or drop it after settlement and avoid the risk. With the TransArmor solution, there's no reason to choose — you can have both.

By substituting token numbers for Primary Account Numbers (PANs), not only can you reduce the risk of exposing real cardholder data, but you can use token numbers to develop innovative marketing campaigns, create customer loyalty programs, or conduct business data analysis which can be important for your business.

Easy to Implement

  • As a software-based solution, no new hardware, changes to back-end systems or employee training is typically required
  • The solution is integrated with a variety of First Data, VeriFone and other terminal devices and point-of-sale systems

Get the Extra Protection of a Limited Warranty

  • First Data offers a limited warranty in the event that a token number returned to the merchant is lost or stolen and used fraudulently outside the merchant environment*

Leverages World-class Technology from Market Leaders

  • The TransArmor solution is based on a partnership between First Data, VeriFone Systems, a leading provider of electronic payment solutions, and RSA, The Security Division of EMC and leading developer of information security solutions

Reducing PCI DSS Scope

Removing sensitive payment card data from merchant systems helps remove those systems from PCI scope. Limiting the merchant environment also minimizes the investment in time and resources needed to meet PCI requirements.
With the TransArmor solution, you get industry-leading benefits:

  • Can reduce the scope of annual PCI audits by as much as 80%
    (source: interview with CoalFireSystems)
  • Can reduce the time PCI compliance requires by as much as 50%
    (source: interview with SecurityMetrics)

*See the TransArmor solution terms and conditions for full details.

Combines Two Layers of Powerful Payment Card Data Protection

  • diagramProtects data in transit with state-of-the-art encryption options that secures data from the moment of swipe throughout the transaction
  • Removes data from the card data environment (CDE) after authorization by replacing it with a token or randomly generated number
  • Eliminating card data helps prevent a data breach - the best way to protect card data is not to have any at all
  • Reduces the risk of data loss, brand damage, customer confidence, financial liability and litigation due to a security breach
  • Safely stores non-sensitive tokenized card data for use in back-end business operations and customer analytics

Offers Multiple Encryption Types to Protect Merchants in any Industry

  • Multiple encryption options lets merchants choose an encryption type based on their needs and, in many cases, use existing terminals or hardware
  • Software-based encryption provided by RSA’s Public Key Infrastructure, can be installed on terminals or PC-based POS systems, letting you add the TransArmor solution with little-to-no investment in new or upgraded hardware
  • Hardware-based, format-preserving encryption, offered on standalone and integrated VeriFone devices, through the VeriFone edition, usually requires no software changes at the POS application level and no extra steps or training for the retailer

Encryption

During a sale, card data is encrypted as soon as it enters the merchant environment — prior to transmission — and is protected throughout the transmission process.

With asymmetric encryption supported by RSA technology, data is secured at the merchant point-of-sale (POS) with the Public Key and can only be decrypted by the Private Key held at First Data. The encrypted data is indecipherable, does not resemble the original data format and works on most existing POS terminals and systems.

Hardware-based, format-preserving encryption–available through the VeriFone edition—secures payment card data on a tamper-resistant device before it enters the merchant environment in a format that other applications interpret as valid card data. In format-preserving encryption, the algorithm encrypts data so that the output is in the same length and character set as the input, which is beneficial for bin routing and coding/certification.

Tokenization

Tokenization is a form of data substitution replacing sensitive values with non-sensitive token values. Post-authorization transactions are handled via RSA’s SafeProxy tokenization service, which returns a token with the transaction’s authorization to the merchant. A token can then be stored in the merchant environment in place of the primary account number (PAN) making it possible for a merchant to process follow-on transactions, without having to store customer’s account data in the clear.

  • Removes need for merchant to retain PANs in card data environment (CDE)
  • Tokens are non-reversible and are not mathematically derived from PAN
  • Tokens cannot be used by an unauthorized party to conduct fraudulent transactions
  • Tokens match the format of the initiating PAN
  • Tokens do not overlap major brand (Visa, MC, AMEX, Discover) BIN ranges (first digit is 0-2 or 7-9)
  • Tokens are card-based, meaning a merchant will always get the same token back for a specific PAN
  • Tokens share last four digits with corresponding PAN

Legacy Data Conversion

Beyond encrypting and tokenizing data for transactions at the point of sale, merchants also need to consider the risk of stored primary account numbers (PAN) in their card data environment. To help prevent potential breaches and reduce PCI scope and maintenance costs, merchants can obtain an additional service offering, Legacy Data Conversion.

In this optional service, merchant’s legacy or stored PAN data is completely removed from the card data environment (CDE) and replaced with TransArmor solution tokens. The tokens can then be used similarly to any other TransArmor solution token to perform customer analytics and understand consumer buying behavior.

How the TransArmor Solution Works

diagram

  1. Consumer presents card to merchant POS
  2. Card data is encrypted and transmitted to First Data front-end
  3. First Data front-end decrypts the data payload
  4. Card data is sent to issuing bank for authorization and, in parallel, tokenized
  5. Token is paired with authorization response and sent back to the merchant
  6. Merchant stores token instead of card data in their environment and uses token for subsequent business processes

Multi-Pay Tokens

The TransArmor solution includes the Multi-Pay Token option to support businesses that need to submit a financial transaction in a card-not-present situation. These tokens are unique to each merchant that uses them and are stored in place of the primary account number (PAN). With these tokens, merchants can initiate new or recurring payments within their own environment instead of using the original card number.

  • Valuable for eCommerce and card-not-present environments
  • Supports all businesses that rely on the ability to submit a sale transaction without card being present
  • Can be used for refunds and credits
  • Tokens let merchants track buying patterns for sales trending and marketing/loyalty programs while remaining PCI compliant

Global Gateway

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Aenean eu leo quam. Integer posuere erat a ante venenatis dapibus corpore:
  • 1. Donec id elit non mi porta gravida at eget metus .
  • 2. Morbi leo risus, porta ac consectetur ac, vestibulum at eros.
  • 3. Donec id elit non mi porta gravida at eget metus.

Why You Need It

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Aenean eu leo quam. Integer posuere erat a ante venenatis dapibus corpore:
  • 1. Donec id elit non mi porta gravida at eget metus .
  • 2. Morbi leo risus, porta ac consectetur ac, vestibulum at eros.
  • 3. Donec id elit non mi porta gravida at eget metus.

Competitive Edge

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Aenean eu leo quam. Integer posuere erat a ante venenatis dapibus corpore:
  • 1. Donec id elit non mi porta gravida at eget metus .
  • 2. Morbi leo risus, porta ac consectetur ac, vestibulum at eros.
  • 3. Donec id elit non mi porta gravida at eget metus.

What it does

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Aenean eu leo quam. Integer posuere erat a ante venenatis dapibus corpore:
  • 1. Donec id elit non mi porta gravida at eget metus .
  • 2. Morbi leo risus, porta ac consectetur ac, vestibulum at eros.
  • 3. Donec id elit non mi porta gravida at eget metus.