Voltage Security announced its Stateless Tokenization (SST) technology, a patent-pending data security solution that provides enterprises, merchants and payment processors with a new approach to help assure protection for payment card data, with PCI DSS audit scope reduction.


Voltage SST technology is offered as part of the Voltage SecureData Enterprise data security platform that unites market-leading encryption, tokenization, data masking and key management to protect sensitive corporate information in a single comprehensive solution.

Tokenization, which is used as a way of replacing sensitive data like credit card numbers with non-sensitive substitute values, is one of the data protection and audit scope reduction methods recommended by the PCI DSS. Enterprise users, merchants and processors, however, are facing new and mounting compliance costs and complexities as they discover that conventional, first-generation tokenization solutions aren’t able to support business evolution and growth.

Voltage SST technology solves this problem by eliminating the need for a token database, which has been a central element in tokenization solutions. It also removes the need to store sensitive data. The end result is that it substantially decreases PCI DSS compliance costs and complexities, and dramatically reduces the number of applications and systems that would be considered “in-scope” for compliance assessments. This approach can help companies free substantial IT and compliance budget for other spending priorities.

Voltage SST technology is based upon published and proven academic research and standards, and validated by independent experts. In addition, the solution has been validated by a top third-party Quality Security Assessor (QSA) with a published report on the assessment.