Saturday, March 27, 2010

Tokenization for dummies

The word tokenization of credit card data is being passed around more and more these days. The payment card industry is cracking down on businesses large and small, forcing them to find an alternative ways work with credit card data to protect cardholders.

What is tokenization?
Tokenization simply takes a credit card number and turns it into a token. This can be done a number of ways depending on your service provider. A good example is an e-commerce web site hosted by the merchant where the customer can enter a credit card. Behind the scenes the credit card number is turned into a token and returned to the merchant. Tokens can be stored at the merchants e-commerce site because they are not credit card numbers. When the merchant would like to re-bill the customer (with their authorization of course) they can simply send the token to the service provider. The main benefit being if the token is compromised it cannot be used. Obviously this is not the case with the credit card.

Tokenization is a great way to protect cardholder data and lessen the in scope items merchants are required to abide by from the payment card industry. Not only does it safely protect the cardholder number, but it allows for a re-bill to be done without asking the customer for a credit card number. Not all service providers offer tokenization so check with yours to be sure it is offered. As always you can click the contact us for more information.

No comments: