The PCI Council defines tokenization as "a process by which the primary account number (PAN) is replaced with a surrogate value called a token. De-tokenization is the reverse process of redeeming a token for its associated PAN value. The security of an individual token relies predominantly on the infeasibility of determining the original PAN knowing only the surrogate value". Two things should be considered when moving to tokens. First, you are providing your clients with the highest-level of data security and second, you are protecting your business in the event of a data breach. Now, let’s explain how this relates to a business owner.
Obtaining tokens is a simple procedure. If you currently store credit numbers, converting them to tokens will depend on your merchant processor, but in general the process is simplistic. Many merchants have found tokenization to be less expensive, easier to use and more secure than end-to-end encryption. Because tokenization replaces the storage of sensitive cardholder data, the liability and costs that merchants often associate with PCI compliance is dramatically reduced. Tokenization is an easier and much better solution to accepting and processing credit cards than encryption and having to follow the complex PCI guidelines.
|
Archives
March 2020
Categories |