Reducing the Cost & Complexity
of PCI DSS Compliance
Establish a robust data security foundation to meet PCI-DSS requirements - on time and on
budget
Key Benefits
Single Solution to
Streamline Implementation
and Reduce Cost and
Complexity
Most Secure
Comprehensive Audit Trail
Maximum Performance for
Uninterrupted Business
Processes
Modular Flexibility to Meet
Specific Compliance and
Data Security Needs
The Payment Card Industry Data Security Standard (PCI DSS) mandate requires the protection
of sensitive payment account data, such as primary account number (PAN), magnetic stripe data,
CVV, and PIN, by any company that processes, stores, and transmits such data. PCI was established
by the major credit card companies including VISA, MasterCard, and American Express in response
to increased card fraud, which resulted in financial loss and decreased customer confidence that
impacted card revenue growth.
The focus of PCI DSS is on the protection of sensitive data such as primary account number,
cardholder name, PIN, etc that is exchanged during any credit card transaction and stored in
multiple databases. In particular, PCI lays out 12 detailed requirements for the protection of sensitive
data in use, data at rest, and data in transit.
One of the key challenges merchants, banks, and payment processors face is the implementation of
data encryption to meet the PCI security requirements for compliance – and do so in a fast and cost
effective manner.
PCI DSS Compliance Solution
SafeNet dramatically reduces the cost and complexity of PCI compliance with the most complete
and easy to manage enterprise data protection solution. With SafeNet, merchants, banks, payment
processors and any other companies subject to PCI DSS compliance can protect sensitive
cardholder data at rest, in use and in transit to meet the most challenging PCI security requirements.
In contrast to point solutions that address single requirement issues, SafeNet is the only vendor that
provides a comprehensive solution that protects sensitive data from endpoint devices to databases—
thereby reducing the cost and complexity of PCI DSS compliance. The streamlined implementation
of the SafeNet solution, inconjunction with other solutions, ensures that PCI deadlines are met and
fines avoided.
 SafeNet Meets PCI DSS 1.2 Requirements

PCI Requirement SafeNet Solution

Do not use vendor-supplied defaults for system
2 SafeNet Authentication Tokens
passwords and other security parameters
SafeNet Database Encryption
SafeNet Hardware Security Modules
3 Protect stored data and encryption keys
SafeNet Disk and File Encryption
SafeNet Authentication Tokens
Encrypt transmission of cardholder data and
4 SafeNet Network Encryptors
sensitive information across public networks
Develop and maintain secure systems
6 SafeNet Hardware Security Modules
and applications

7 Restrict access to data by business need-to-know SafeNet Authentication Tokens

Assign a unique ID to each person

8 SafeNet Authentication Tokens
with computer access
SafeNet Authentication Tokens
9 Restrict physical access to cardholder data
SafeNet Database Encryption

SafeNet’s encryption and key management security solution helps top retailers and other
merchants comply with the most difficult standard to meet —PCI DSS requirement three. A 2008
Gartner analyst survey found that 64 percent of Level 1 retailers cited encryption of data at rest,
under requirement three, to be their top technical challenge for meeting PCI compliance. Likewise,
a recent VeriSign study found that 79 percent of PCI audit failures occurred because companies
did not effectively secure their cardholder data. Protecting cardholder data is the most challenging
requirement because it involves data encryption, which may necessitate different solutions
from several vendors. SafeNet’s single solution strategy eliminates the need to spend top dollar
on multiple vendor systems that have not been designed to work together— ensuring stored
cardholder data is secured and PCI compliance is met.

About SafeNet
SafeNet is a global leader in information security. Founded more than 25 years ago, the company
provides complete security utilizing its encryption technologies to protect communications,
intellectual property, and digital identities, and offers a full spectrum of products, including
hardware, software, and chips. ARM, Bank of America, Cisco Systems, the Departments of Defense
and Homeland Security, Microsoft, Samsung, Texas Instruments, the U.S. Internal Revenue Service,
and scores of other customers entrust their security needs to SafeNet. For more information, visit
www.safenet-inc.com.

Corporate Headquarters:
4690 Millennium Drive, Belcamp, Maryland 21017 USA For all office locations and contact information, please visit
Tel.: +1 410 931 7500 or 800 533 3958, Fax: +1 410 931 7524, www.safenet-inc.com/company/contact.asp
Email: info@safenet-inc.com
©2010 SafeNet, Inc. All rights reserved. SafeNet and SafeNet logo are
EMEA Headquarters:
registered trademarks of SafeNet.
Tel.: +44 (0) 1276 608 000, Email: info.emea@safenet-inc.com All other product names are trademarks of their respective owners.
SB-PA DSS Compliance-02.22.10
APAC Headquarters:
www.safenet-inc.com Tel: +852 3157 7111, Email: info.apac@safenet-inc.com