You don't need a crystal ball to see the future of credit card security. The goals are clear: Make cardholder data (CHD) impossible to translate into money, and create disincentives for cybercriminals. The technologies on the forefront of this effort are tokenization and transaction encryption. Since the Payment Card Industry Data Security Standard (PCI DSS) affects environments that store, process, or transmit cardholder data, abstracting and encrypting CHD could have a significant impact on the payment card industry. This report — the first in a two-part series — describes the challenges of securing credit card transactions as well as the promise and challenges of tokenization and transaction encryption.