- On September 20, 2013
Safeguarding Stored Cardholder Data with Tokenization
In this era of connectivity, consumers are increasingly concerned about the safety of their personal data. Leaders in the merchant services industry are actively engaged in developing new ways to protect customer information. Here at Host Merchant Services, we commit to security by providing our clients with tokenization, the most secure type of cardholder information storage available today. This system has enormous potential for any company that regularly utilizes credit card processing.
Tokenization involves taking in cardholder data and returning a token, a string of letters, numbers and characters that represents and stands in place of the original data. Each token serves as a pointer for cardholder information, which is securely stored offsite in a cloud-based database. Since tokens do not contain cardholder data in and of themselves, they are essentially immune from the threat of hackers and identity thieves.
Tokenization and PCI Compliance
Through data tokens, merchants can safely store customer information with payment gateway providers like Host Merchant Services. This system is particularly well-suited for companies that charge customers on an ongoing basis. For example, businesses that offer subscriptions or memberships generally charge clients around the first of the month. Storing large amounts of cardholder data for this purpose can create PCI compliance headaches. Essentially, when a merchant retains and stores a customer’s card information, it changes the level of compliance they have to adhere to for PCI DSS standards. You can review PCI Compliance in more detail here, but Tokenization helps to alleviate some PCI issues for merchants and boost transaction security at the same time.
Instead of storing cardholder data on-site, merchants can store tokens and simply pass these tokens to their payment processors at the appropriate times. Upon receiving these tokens, processors use the tokens to pinpoint cardholder data and generate unique credit card transactions. This system is fast and efficient while minimizing risk for fraud and identity theft.
Helping Businesses Small and Large
Token systems are ideal for smaller companies seeking to reduce their PCI compliance burdens while maintaining impeccable customer security. That said, companies of all sizes use data tokens to simplify their operations. For example, a tokenization based payment processing system is useful for closely managing even a large scale customer rewards program. The ability to store the tokens securely while not compromising customer cardholder data, lets a large company deftly keep track of and maintain their rewards program.
As credit card processing becomes ever more critical for modern commerce, many more companies will adopt this robust system of safeguarding customer data. Here at HMS, we are proud to offer tokenization as an integral part of our Transaction Express payment gateway.
A payment gateway is a system of technologies and processes that allow merchants to electronically submit payment transactions to various payment processing networks (i.e., the Credit Card Interchange and the ACH Network). Payment gateways may also provide merchants with transaction management, reporting, and billing services. Payment Gateways essentially bridge the gap between web-based payment options and credit card processors. To take payments in a store, you must have a merchant account, to take payments online you must have a payment gateway.
Beyond the in-house Transaction Express gateway, Host Merchant Services also supports a variety of other Payment Gateways for your payment processing needs. We are able to customize a payment processing solution that fits your own individual needs. Here is a brief list of the Payment Gateways we support directly.
Services like the ones Host Merchant Services offer demonstrate how the payments industry is working tirelessly to prioritize information security.