This talk is a story about a project where cardholder data was migrated from an eCommerce payment service provider to another. Planning and executing zero-downtime migration of mission critical high transaction volume payment services is a challenge. Adding PCI DSS and privacy considerations to the project takes everything to another level!
The talk will cover practical details of how the cardholder data migration project was planned and executed. It will go through how data security and privacy can be achieved in the project. From PCI DSS compliance perspective, the talk focuses particularly on how cardholder data is protected at-rest and in-transit.