Data TokenizationBy Ericka Chickowski | Posted 2010-01-12 Email Print
Customers are floundering with PCI compliance mandates, but that's where the channel can step in. Savvy solution providers can cut through the complexity to help prioritize projects for customers and make money by focusing on the following seven areas.
The idea behind data tokenization is simple. Take sensitive credit card number data that was once stored within the customer environment and "outsource" it to PCI-compliant servers owned by a service provider. The customer then uses data tokens within their own payment environments that refer back to the real card numbers, so that during transactions the only thing flying across the wires are meaningless tokens rather than unprotected card data.
"By making the card data on the merchant network unusable and keeping all stored data on a third-party’s systems, the merchant is able to protect its customers’ data, ensure its reputation for proper care and control of that data and reduce PCI scope." George Peabody, Principal Analyst, Mercator Advisory Group