Tokenization

 

Next Steps
Overview Blur Custom Encode Encrypt Hash Pseudonymize Randomize Redact Scramble Shift Tokenize

Tokenization is an another type of data masking operation specified by the payment card industry (PCI) to be used in lieu of, or in conjunction with, Primary Account Number (PAN) encryption:

What is the difference between Tokenizationand Encryption?

"A token is like a hyperlink to where the data is stored - no matter what you do with the token, you don't get data out of the token by itself. Tokens may have a context associated with them - so a unique version of my credit card number may be created only for use at Amazon.com without any fear that it could be used elsewhere. Likewise a different token might point to my credit card number for use on eBay.

Encryption is where the data is protected but the data is contained within - to the hacker it is clear that if they break the encryption scheme, they will find the data within."

-The Swamy, Pymts.com

IRIcan provide a PCI-compliant field value tokenizationfunction for use with the IRIFieldShield data masking product or the IRIVoracity data managmentplatform which includes FieldShield.

The logic flow is:

Authorized users can tokenize credit card values that may also be treated with a Format-Preserving Encryption (FPE) function first, and possibly de-tokenized later.

Modify and secure the function itself with the help of IRIProfessional Services to comply with the PCI Data Security Standard (DSS). See this blog article for more details on IRI'scurrent tokenizationcapability.

Request More Information

Live Chat

* indicates a required field.
IRI does NOT share your information.