RESEARCH: New report analyzes data breaches, encryption, EMV

Javelin Strategy & Research has announced the release of a new research report that puts EMV, end-to-end encryption and tokenization under the microscope. 

Javelin says in a news release that the new report "analyzes all solutions against the backdrop of current breach criminal activity, recommending a hybrid of end-to-end encryption and tokenization for the best defense against payment card fraud." 

"While current solutions fall short of offering true end-to-end encryption, they nonetheless satisfy the merchants' need to remove payment card data from within their organizations," Javelin states in the release. 

The report, "End-to-End Encryption, Tokenization, and EMV in the US: Vendor Analysis of Emerging Technologies and Best Hybrid Solution," assesses the capabilities of end-to-end encryption, tokenization, virtual terminals, magnetic-stripe security and the EMV standard as solutions to combat payment-related data breaches.

"These emerging technologies minimize fraud losses due to data breaches by protecting, replacing or removing sensitive credit-card data," said James Van Dyke, Javelin's president and founder. "These approaches have come along at the right time because the recent flurry of large public data breaches has heightened the need for and cost of security compliance." 

The National Retail Federation estimates that more than $1 billion has been spent to date by merchants on security compliance. 

The report also includes evaluations of the following vendors, some of which have recently been compromised by data-security breaches: 

• Processor Vendors:Chase Paymentech, First Data Corporation, Heartland Payment Systems and RBS WorldPay. 
• Technology Vendors:Hypercom, Ingenico, MagTek, Semtek, VeriFone and Voltage. 
• Tokenization Vendors:Chase Paymentech, Cybersource, nuBridges, RSA and Shift4.

"If merchant cardholder data can be rendered useless to criminals, the liability and costs associated with PCI-compliance can be slashed," said Robert Vamosi, Javelin's analyst of risk, fraud and security. "But the key question is how merchants and the card industry should select and implement security protection technologies right now."