Data Tokenization

By Ericka Chickowski  |  Posted 2010-01-12 Email Print this article Print


Re-Thinking HR: What Every CIO Needs to Know About Tomorrow's Workforce

Customers are floundering with PCI compliance mandates, but that's where the channel can step in. Savvy solution providers can cut through the complexity to help prioritize projects for customers and make money by focusing on the following seven areas.


Data Tokenization
The idea behind data tokenization is simple. Take sensitive credit card number data that was once stored within the customer environment and "outsource" it to PCI-compliant servers owned by a service provider. The customer then uses data tokens within their own payment environments that refer back to the real card numbers, so that during transactions the only thing flying across the wires are meaningless tokens rather than unprotected card data.

"By making the card data on the merchant network unusable and keeping all stored data on a third-party’s systems, the merchant is able to protect its customers’ data, ensure its reputation for proper care and control of that data and reduce PCI scope." George Peabody, Principal Analyst, Mercator Advisory Group

Tokenization provides a reasonable alternative for compliance to organizations that lack the resources to bring their own infrastructures up to snuff. But according to Aberdeen, only 14% of laggard organizations currently use data tokenization, while 38% of best in class organizations use it.

Tokenization projects and services could provide a great opportunity for the channel to help get strapped-for-cash latecomers to the PCI party started on the path to compliance in a cost-effective manner.



Submit a Comment

Loading Comments...

Thanks for your registration, follow us on our social networks to keep up-to-date