PCI DSS Section 6.4.3 requires that "Production Data (live PANs) are NOT used for Testing or Development".
If we need a Huge Dataset of real looking PANs for a Test. How do we create those?
A good Tokenization will allow you to do "BATCH COPY" where you start with PAN Data and end up with Tokens.
Doing this in production once is a fast and secure way to create test data: when configured properly, the tokens can look like "REAL" PANs and can even pass Luhn check.
Thus creating a huge set of Test data which is NOT tied to real PAN data at all becomes easy exercise.
If we need a Huge Dataset of real looking PANs for a Test. How do we create those?
A good Tokenization will allow you to do "BATCH COPY" where you start with PAN Data and end up with Tokens.
Doing this in production once is a fast and secure way to create test data: when configured properly, the tokens can look like "REAL" PANs and can even pass Luhn check.
Thus creating a huge set of Test data which is NOT tied to real PAN data at all becomes easy exercise.
No comments:
Post a Comment