PCI DSS Compliance

Remove credit card numbers on employee devices and servers

One of the biggest risks to PCI compliance is cardholder information that exists outside the organization’s controlled database environment. When credit card numbers are extracted from a database and stored as unstructured data—in files on employee devices and file servers—they pose a significant threat.

Most organizations have no visibility into the data stored in files by their employees, leaving compliance and risk managers unable to control spreadsheets, documents, and other files containing credit card numbers. These files can lead to failed audits and data breaches, especially when files are copied to cloud folders or other inappropriate locations.

Automated Redaction for PCI Data

With automated redaction from PKWARE, your organization can permanently remove credit card numbers numbers as soon as they appear in files on employee computers, file servers, and in other locations.

Automated redaction ensures that account information cannot be shared or stored in unauthorized locations. It also means that cardholder data will not be exposed in the event of a computer theft, misuse of employee credentials, or other security event.

Real-Time Policy Enforcement

Many of the world’s largest financial institutions use PKWARE’s Smartcrypt to remove credit card number from files on employee laptops and desktops. Once data is redacted, it no longer falls within the scope of PCI DSS requirements, reducing the burden of audits and reporting that are necessary in order to maintain PCI compliance.

Here’s how it works.

  1. Using PKWARE’s intuitive control panel, administrators apply data redaction rules to user devices and file servers where credit card numbers may be saved inappropriately. Administrators can use PKWARE’s pre-configured definitions of PCI data, or create their own definition of data types that require redaction.

  2. PKWARE’s automated technology monitors file activity and scans new or modified files to determine whether they contain PCI data.

  3. When a user enters or imports credit card numbers into a file...
    Unredacted Data Screenshot

  4. Smartcrypt automatically identifies and redacts the numbers, leaving the other file contents unchanged.
    Unredacted Data Screenshot

  5. Unlike tokenization, data redaction cannot be undone, so files containing redacted data can be taken out of PCI compliance scope, no matter how many times the files are copied or shared.

Case Study

See how a global bank is using Smartcrypt to ensure PCI compliance.

Download PDF

Smartcrypt Platform

Learn more about PKWARE's smart encryption platform.

Learn More


  • Simplify PCI DSS compliance and reporting
  • Reduce the risk of PCI violations and sanctions
  • Protect cardholder data against accidental loss or theft

Support Center

Find answers & help here.

View Support Site

Help Request

Our expert technicians are standing by.

Get Help Now

Sales Team

Request an expert consultation.

Contact Sales