I just read your section in Beautiful Security, and I was amazed at how clearly you saw some of the challenges and potential solutions in the payment security space.

I wish I would have read this a year ago, before I started working on the TransArmor project I am on. It would have spurred some interesting thoughts and helped frame some of the discussions that I had to learn hard lessons in.

TransArmor is a tokenization solution – we are (as you suggested) removing those crown jewel PANs out of the merchant environments so that the temptation and opportunity for breach no longer exists for would-be attackers.

I will also take a look at the wiki and see if I can add anything useful.

I would really like to hear some of your thoughts on the current proposed solutions – end-to-end encryption and tokenization.

Kind Regards,

David Marsh