Companies pay dearly for data breaches that allow customers' credit card numbers to fall into the wrong hands. At the same time, complying with the security standards established by the credit card industry can carry a hefty price tag. Some businesses have decided that the safest and cheapest way to deal with credit card data is to eliminate it. They are using tokenization, a process in which a credit card number is replaced with a substitute number, called a token, that can't be linked back to the original card number. The credit card numbers may be held by the tokenization vendor or stored in one central, secure location at the company.

Jeff Abrams, continuous improvement process manager at Hill-Rom Holdings, a $1.3 billion manufacturer of hospital beds and other medical equipment in Batesville, Ind., says the need to comply with the Payment Card Industry Data Security Standard (PCI DSS) drove the company's adoption of tokenization.

The share of Hill-Rom's revenue transacted using credit cards has risen to 12%, up from about 2% five years ago, yet the company's procedures for handling cards were inconsistent, reflecting a number of different legacy systems. Though Hill-Rom had never had a data breach, when an outside consultant compared its practices with the PCI standards, "it was very alarming how many holes we had," Abrams says. "But the fixes they were suggesting were just astronomical in cost." The suggested solution involved moving Hill-Rom's J.D. Edwards enterprise resource planning system to a server of its own at an estimated cost of more than $1 million.

Continue Reading for Free

Register and gain access to:

  • Thought leadership on regulatory changes, economic trends, corporate success stories, and tactical solutions for treasurers, CFOs, risk managers, controllers, and other finance professionals
  • Informative weekly newsletter featuring news, analysis, real-world cas studies, and other critical content
  • Educational webcasts, white papers, and ebooks from industry thought leaders
  • Critical coverage of the employee benefits and financial advisory markets on our other ALM sites, PropertyCasualty360 and ThinkAdvisor

© 2024 ALM Global, LLC, All Rights Reserved. Request academic re-use from All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.

Susan Kelly

Susan Kelly is a business journalist who has written for Treasury & Risk, FierceCFO, Global Finance, Financial Week, Bridge News and The Bond Buyer.