Encryption and Tokenization
August 24, 2011
Encryption versus Tokenization
Merriam Webster's dictionary defines "entropy" as, "the degree of disorder or uncertainty in a system". Computer hackers, identity thieves and more thrive off such disorder. In an attempt to combat the exploitation of uncertainty in the transmission and storage of data such as credit card information or medical history, IT professionals are constantly striving to create more secure methods. Two clear winners are emerging: E2EE & Tokenization.
End to end encryption (E2EE) encrypts data at the source
(such as a credit card terminal) with knowledge of the intended recipient,
allowing the encrypted data to travel safely through vulnerable channels (eg,
the internet) to its recipient where it can be decrypted (assuming the
recipient has a key to make sense of the encrypted data). For example, your
primary care physician is in New York City (NYC) and you are required to see a
With tokenization, the sensitive data is stored locally or
by a third party service provider. Only those with a token can access the data
and tokens are user specific (our specialist in
Rather than choosing one over the other, IT departments should be seeking a layered approach. There are a few options already available for payment processing, such as MagTek's MagneSafe program which provides E2EE at the card reader, along with tokenization formatting capabilities. Premier Payment Services (PPS') Three Step Redirect API allows e-commerce merchants to process transactions without ever transmitting or storing sensitive cardholder data. These two programs take a shot at entropy, putting a bit more order into otherwise disappointing security networks.
Want more info on Encryption and Tokenization?
Contact Premier Payment Services today at 800.573.6268
and ask to speak to a Merchant Account Specialist
or send an e-mail to email@example.com
[ Download ]
« Return to News