Tokenization

With tokenization, the sensitive cardholder data obtained during a card transaction is replaced with a marker — or token — in the merchant’s system. A token takes the place of the original data; however, possessing the token does not allow the holder to know anything about the original data or the tokenization scheme. Unlike encryption, the token cannot be reversed to reveal the original data. Retrieving the original data that was replaced by the token requires a database that maintains the relationship between the token and the original data. The data is stored so when merchants need to access this information to issue a refund or for another reason, they can retrieve it.

Tokenization secures the information stored only after it is initially authorized or the original data is replaced with the token. Tokenization alone does not provide protection against data theft during transmission.

In this Section

You will be leaving the E3secure.com domain and entering an external link. The link provides additional information that may be useful or interesting and is being provided consistent with the intended purpose of E3secure.com. However, E3secure.com cannot attest to the accuracy of this information provided by this link or any other linked site. Providing links to a non-E3secure.com website does not constitute an endorsement by E3secure.com, Heartland Payment Systems or any of its representatives, affiliates or employees or the information or products presented on the site. Also, be aware that the privacy protection provided on the E3secure.com domain (see Privacy Policy) may not be available at the external link.

E3 for Your Business	E3 Security	Other Technologies	Industry Advocates	E3 Blog	News & Resources	About Heartland	Contact Us
		Chip & PIN Tokenization	FS-ISAC PPISC ASC X9 F6 The Merchant Advisory Group The Secure POS Vendor Alliance	Bio	Resources Glossary Downloads