Comments on Do the Visa PCI ShuffleA SearchFinancialSecurity.com blog2013-05-05T04:04:29Zhttp://itknowledgeexchange.techtarget.com/regulatory-compliance/do-the-visa-pci-shuffle/feed/atom/By: 4gone4gonehttp://itknowledgeexchange.techtarget.com/regulatory-compliance/?p=23#comment-22009-03-26T22:33:39Z2009-03-26T22:33:39ZCard Information Replacement Technology (CIRT) exists today that never allows real cardholder data to enter the POS/PMS or eCommerce site or hosting provider. If the data is not there, it can not be stolen. Tokenization is a great way to address data storage issues. But taking control of the data before it enters the point of sale system and replacing it with something that is not cardholder data (a Token or unique identifier) resolves the majority (not all) of the PCI burden and makes it impossible to steal what is not there. It might be time to have a serious talk about solving the problem before Congress gets involvolved and mandates that all cardholder data be removed from merchant and processor environments.