Emphatic excitement is how I felt when I saw this news from the hotel technology trade association, also known as HTNG. The idea of deleting data for compliance scope is certainly not new, but the key idea that HTNG discovered is to delete data as early as possible as soon as it enters the organization’s data-center and they’ve defined something called the Payment Information Proxy (PIP) in their framework that does precisely this.
In fact, we’ve been recommending this approach to retailers for some time now, the idea being to capture PAN data in an HTTP POST when it first hits the environment to reduce compliance exposure.
In their Secure Payments Framework for Hospitality, they describe the PIP data flow quite precisely. It certainly looks like a good fit for proxy tokenization and will be something Intel(R) Expressway Tokenization Broker looks to be ideally suited for.