Tokenization – Secure Payment Data

How Tokenization Works

Tokenization defines a process through which a credit card holder’s Primary Account  Number (PAN) data is replaced with a surrogate value known as a “token.” The security of an individual token relies on properties of uniqueness and the infeasibility to determine the original PAN knowing only the surrogate value. As a reference or surrogate value for the original PAN, a token can be used freely by systems and applications within a merchant environment.

Where properly implemented, tokenization allows merchants to limit the storage of cardholder data to within the tokenization system, potentially simplifying an entity’s assessment against the PCI DSS. As a reference or surrogate value for the original PAN, a token can be used by systems and applications within a merchant environment without having to consider the security implications associated with the use of cardholder data.

What Are The Benefits of Tokenization

  • Reduces PCI DSS Scope
  • Renders payment card data meaningless to hackers
  • Provides end-to-end security
  • Not mathematically reversible
  • Format fits legacy payment card data fields
  • Retains last four digits of original payment card data for easy customer identification