What is Tokenization?
- Token replacement, or tokenization of stored data literally replaces a data element with a reference to that data element that is stored in a separate physical and/or logical location.
- In the case of NCR counterpoint, using NCR Secure Pay, tokenization is used in the Counterpoint database.
- Where credit card number have been encrypted for years, NCR Counterpoint, when used with NCR Secure Pay, will automatically use tokens rather than encrypted card numbers for transaction history and “card on file” purposes
What are the Benefits of Tokenization?
- For sensitive data like credit card numbers, it consolidates the actual encrypted sensitive data in a single location outside of a merchant’s cardholder data environment, making it much easier to protect.
- It reduces the likelihood of sensitive credit card data being accessed from unauthorized means in the field.
What are the limitations of Tokenization?
- Tokenization does not encrypt credit card information that is “in transit” – This is something that is handled by P2PE (Point-to-Point Encryption)..
- Apart from making the process of mass harvesting of card numbers, this process has no impact on the creation of fraudulent credit cards.
Software Requirements for Tokenization
- Tokenization of credit card data required that your are using NCR Counterpoint 22.214.171.124 (or higher), currently slated for general release in July, 2014, and that you be signed-up for NCR Secure Pay.
- Existing sites that are switching to NCR Secure Pay will require that the existing “on file” credit card data be “tokenized” using an NCR supplied utility.
Hardware Requirements for Tokenization
Currently, other that standard MSR’s or VeriFone equipment, there are no specific hardware requirements to use NCR Secure Pay.
For more information on this topic, please contact the CCS Retail Systems Support Department.