Arrow Blog : A Tokenization of Our Appreciation

March 2, 2012 2:37 PM

A Tokenization of Our Appreciation

We’ve already established that no one likes the hassle of PCI Compliance. Sure, it’s secure, but maintaining that security can be excruciatingly time consuming for both merchants and their recurring customers. Not anymore. Tokenization is the key to beefing up security and simplifying recurring transactions—all while avoiding PCI compliance issues.

How does it work? Glad you asked! Simply give me your credit card number, and I will give you a token to play your favorite arcade game at Chuck-E-Cheese. Wait—wrong kind of token. Ok so there’s no skee-ball, but what tokenization actually is is even cooler.

So What Is Tokenization?

Tokenization is the process of replacing sensitive data (like credit card numbers) with non-decryptable data, taking your security to the next level of functionality. When a merchant enters a credit card number into their gateway, it generates a random series of proxy numbers, or token, to replace the card number. Once a credit card number has been tokenized, it can be used later to conduct transactions using the stored card without actually storing the card number.

The token then becomes a unique customer identifier, which makes recurring transactions and future purchases a breeze. The only numbers from the original card number that remain are the last four digits, which become the first four of the token. The token can only be used on that merchant’s gateway, making it virtually impossible for a credit card number to be stolen. And, in the extremely rare case that there is a breach, data thieves will access only the token, which is completely useless out of the context of the gateway. Take that, hackers!

On the off chance that you aren’t as riveted by tokenization as we are at Arrow Payments, let me break the process down for you:

1. The merchant accepts a credit or debit card payment

2. The merchant inputs the cardholder data into the gateway

3. A token is then generated to replace the credit card number

4. The token—not the cardholder data—is stored in the merchant’s vault for later use

A theft-free way to store cardholder data which meets PCI compliance AND makes future transactions easy? Jackpot!

Arrow Payments provides a Simply Better solution for processing payments online. Have a question? Tweet Antonia at @ArrowPayments

Home Archive RSS