Case Study: PCI: End-To-End Encryption Takes Store Systems Out Of Scope

When BevMo! faced the July 1, 2010, PA-DSS and PCI-PED deadlines, it knew its network and more than 500 devices across its enterprise would be audited and subject to expensive upgrades to satisfy compliance. With less than a year to address the situation, it faced the prospect of an expensive store systems upgrade that would gain it nothing more than the satisfaction of mandate requirements. Instead, BevMo! sought a solution that would completely remove payment card data from its storage, processing, and systems environments. BevMo! found its answer in VeriShield Protect, an end-to-end encryption (E2EE) solution that removed its existing store systems from the PCI audit microscope.

When unencrypted cardholder data is exposed – even for a nanosecond – your customers and your company are at risk. With E2EE from VeriShield Protect, cardholder data is encrypted at the hardware level, from the point of swipe all the way to the payment processor. At BevMo!, VeriShield Protect only required the installation of payment terminals, saving the company more than $1M in store system upgrades. The solution also saved BevMo! more than 70% of its anticipated PCI audit costs. Most importantly, VeriShield Protect eliminates the incalculable risk of brand and reputational damage that comes with a breach of cardholder data security.