Trans Armor are you ready for the next level in security encryption in the credit card processing industry? Simplify your PCI DSS, Protect your customers, PROTECT YOUR BUSINESS!

1. TransArmor Solution ®
Protect valuable payment card data with the First Data® TransArmor® solution.
Secure payment card data from the point of sale and prevent it from entering
your environment through the powerful combination of tokenization and
encryption to help reduce your risk and simplify your PCI compliance effort.
The Challenge The Solution
Payment card numbers are valuable and represent The First Data TransArmor solution is a powerful
prime targets for fraudsters and cyber-criminals. With payment security solution that combines the flexibility of
more than 900 million payment card records breached software- or hardware-based encryption with random-
between 2004 – 2009 , businesses have collectively
1 number tokenization. This unique layered service protects
spent more than $1B on Payment Card Industry Data merchants and consumers from the risks of transmitting
Security Standard (PCI DSS) compliance . Securing 2 and storing vulnerable card data while leaving business
payment card numbers and complying with PCI DSS processes intact. With the TransArmor solution, payment
requirements are critical, but security spend and card data is protected at every transaction stage - in
potential losses from fraud can cut significantly into transit, in use and at rest - reducing risk as well as the
your bottom line, translating to average costs in 2009 scope and cost of PCI compliance.
of $204 per compromised record . 3
JJ During a sale, card data is encrypted as soon as
The challenge is to find a comprehensive solution that lets it enters the merchant environment – prior to
transmission – and is protected throughout the
you maintain the benefits derived from card acceptance
entire transmission process.
and transaction data while minimizing the risk involved
JJ During the authorization process, the Primary
in transmitting and maintaining that data while also
Account Number (PAN) is replaced with a randomly-
reducing the scope and cost of PCI compliance.
generated token value that can be used for business
activities and analytics.
JJ Each time a specific card is used to make a payment,
the TransArmor solution returns the same token
number to the merchant. This 1:1 relationship means
you can track and analyze an individual customer’s
buying behavior without housing payment card data
in your business systems.
JJ The random-number token eliminates sensitive
cardholder information from the merchant
environment, thereby removing systems that store
the token from PCI scope and ensuring that payment
firstdata.com card numbers cannot be identified.
1
Verizon, 2010 Data Breach Investigations Report, Verizon Business RISK Team in cooperation with the United States Secret Service, 2010
2
Letter to Bob Russo of the PCI Security Standards Council from the National Retail Federation, et. al., June 9, 2009.
3
Ponemon Institute, 2009 Annual Study: Cost of a Data Breach, January 2010

2. Two Layers of Security:
The Industry Standard Benefits to Your Business
Payment security is paramount for any business, however JJ Risk removed while business processes remain
intact—removing sensitive card data and replacing it
it is difficult to maintain constant vigilance over every
with something of no inherent value outside of your
data access point. To address the security challenge, the
business secures the payment transaction flow while
TransArmor solution offers multiple layers of security that still supporting business analytics and processes.
make cardholder data significantly more secure while
reducing the scope and cost of PCI compliance. The JJ Flexible, layered approach to security reduces
solution offers you the flexibility to choose the encryption card data vulnerability and merchant liability—
protects data with state-of-the-art tokenization and
and tokenization combination that best meets your needs.
encryption and removes actual card data, thereby
reducing the risk of data loss, brand damage, loss of
customer confidence, financial liability and litigation.
Software-based encryption, supported by RSA, the
security division of EMC, can be installed on PC-based
JJ Reduction of PCI compliance time, costs and effort—
POS systems, letting you add the TransArmor solution removing sensitive card data from merchant systems
with little-to-no investment in new or upgraded hardware. also removes it from PCI scope. This minimizes the
Format-preserving, hardware-based encryption, amount of time and resources needed to meet PCI
requirements.
available through the VeriFone edition and offered on
VeriFone devices such as the MX 800 Series and Secure • Can reduce the scope of annual PCI audits by
as much as 80%4
PumpPAY and Ruby SuperSystem point-of-sale (POS)
• Can reduce the time PCI compliance requires
solutions, requires no software changes at the POS
by as much as 50% 5
application level and no extra steps or training for the
retailer. Multiple encryption options mean that you can
JJ Minimizes IT resource allocation to implement—
encrypt the data at the point-of-capture and remove it enabling businesses to maintain focus on broader
from PCI scope, limiting the card data environment to business initiatives. Works with First Data, VeriFone
the point-of-capture device itself. and other terminals or point-of-sale systems and can
be applied across brick-and-click environments.
• No new hardware in most cases
While encryption protects the data in motion through • No changes to back-end IT systems
your systems prior to authorization, tokenization • No employee training
removes the card data from your environment after
authorization. Provided by the RSA SafeProxy architecture, JJ Solution from the market leaders in payments and
tokenization replaces the primary account number with security—designed to address the challenges of
payment security in partnership between First Data,
a randomly generated data substitute, called a token,
a leader in electronic commerce and payments
to protect card data at rest and in use. The token retains
technology, VeriFone Systems, a leading provider
the business value of payment card data that is needed of electronic payment solutions, and RSA, the
for analytical activities based on card spending. However, Security Division of EMC and leading developer
the token is of no value whatsoever to cybercriminals of information security solutions.
and cannot be used to identify a card number or to 4
Interview with CoalFireSystems.
fraudulently initiate new transactions. You can maintain 5
Interview with SecurityMetrics.
your business processes without the risks, or costs, of
storing card data.

3. TransArmor Solution ®
How the TransArmor Solution Works
The TransArmor solution is an industry-unique combination of encryption technology to protect sensitive
Card Present (CP)
payment card data in-transit along with tokenization technology to safely store card data post authorization.
Merchant Enviroment First Data Datacenter Bank
1 merchant 2 card data
encrypted
3 4 issuer
First Data
switch
6 merchant 5 token
Token Number
Assigned
transaction log
settlement
data warehouse
6 anti-fraud
4 Tokenization
Technology
6 analytics
1. Consumer presents card to merchant POS or fuel pump
2. Card data is encrypted and transmitted to First Data front-end
3. First Data front-end decrypts the data payload
4. Card data is sent to issuing bank for authorization and , in parallel, tokenized
5. Token is paired with authorization response and sent back to the merchant
6. Merchant stores token instead of card data in their environment and uses token for subsequent
business processes

4. Payment Solutions for
Maximum Performance
Around the world every day, First Data makes
payment transactions secure, fast and easy for
merchants, financial institutions and their customers.
We leverage our unparalleled product portfolio and
expertise to deliver processing solutions that drive
customer revenue and profitability. Whether the
payment is by debit or credit, gift card, check or
mobile phone, online or at the point of sale, First Data
goes beyond the transaction to help you maximize
value for your business.
For more information, contact your Sales
Representative or visit firstdata.com.
17B
© 2011 First Data Corporation. All Rights Reserved. All trademarks, service marks and trade names referenced in this material are the property of their respective owners.