A large oil company with over 200 gas station locations, all of which handle credit card data for transactions, and a legacy backend mainframe system for data processing.
Achieve compliance with the PCI DSS regulations for high-volume gas station transaction data.
High transaction volumes and a very short window to handle payment settlement meant the system had to have very high throughput and scalable performance. Due to the legacy mainframe environment, the implementation also required little to no modification of systems.
And last, the company required a means for customer support to securely enter payment data manually.
Protegrity implemented a Vaultless Tokenization appliance in a staging environment outside the backend systems.
The transaction information from the gas stations is sent securely to the Protegrity appliance and placed in an encrypted file. The secure file is parsed and Credit Card Number (CCN) data is tokenized prior to entering legacy business systems. After processing, the protected CCN data is de-tokenized by the appliance and transmitted to payment processors for settlement.
Tokens were designed to bleed through the first 6 digits of the CCN, to make them compatible with legacy systems and prevent the need for modifications.