The PCI task force published an Information Supplement commonly known as the “Tokenization Guidance” document for PCI DSS. But for a set of guidelines the supplement is sorely lacking in actual guidance.
In this white paper written by Adrian Lane, Analyst and CTO of Securosis, Adrian addresses the merchant’s concerns left dangling by the PCI council. He takes the guesswork out and provides real guidance for evaluating tokenization and clarifies how to benefit from tokenization. He fills in the gaps from the PCI supplement, and specifies what you can reasonably omit from the scope of your assessment.