Review of EVT for PCI Compliance
PCI/DSS mandates that anything that touches the PCI environment whether it is hardware, software, backbone and even a human are in the scope. PCI/DSS not only requires 100% compliance, but it is an extremely binary standard and there is no margin for creativity or even the possibility of objection or noncompliance with any of the 214 mandated controls. Failure to implement even one control will result in a noncompliance finding and the possibility of fines or a credit card brand refusing to allow the use of their card for transactions. The vaultless tokenization solution allows the flexibility necessary to create 16 digit tokens that could pass a luhn test and be dropped straight into our application with no modification. The solution also allowed us to display the necessary information from the original payment card to allow customer service to support the ecommerce environment.