Tokenisation allows you to replace a credit card number with a unique reference number so that the information held in your system cannot be compromised. Tokens can be created en masse or in real time to ensure that your data is instantly PCI-DSS compliant.
Sensitive information is stored in a secure vault, and in the case of IP Payments can be accessed through your online administration system or automated processing connections.
IP Payments supports tokenisation through multiple channels including:
Tokenisation implementation scenarios
There are many scenarios to implement a tokenisation solution.
Below is a table displaying the pros and cons of the main three tokenisation implementation scenarios. This has been compiled based on our experience working with organisations across multiple industries:
|Fully on-premise||Fully outsourced||Hybrid tokenisation “black-box”|
|Time to compliance||Longest||Shortest||Intermediate|
|PCI responsibility||Everything||Only policies and procedures maintenance||Everything outside card vault|
|© IP Payments|
Tokenisation: practical insights from enterprise projects
Check our video about “Tokenisation: practical insights from enterprise projects” which presents lessons learned from multiple tokenisation implementations and was prepared for the PCI London conference.
In this video, we address the top three challenges en route to tokenisation with practical insights from enterprise projects:
- Lessons learned from multiple tokenisation implementations: from the avoidable to the ‘unforeseen’, what are the causes and consequences of budget change as projects move through their lifecycle?
- Future proofing and the pitfalls of point solutions: how can PCI-DSS stakeholders ensure that their organisation is positioned to manage continuously evolving requirements from the business, the PCI SSC and potentially other regulators as well?
- People, process and technology: what key questions have helped other organisations engineer successful projects and avoid costly errors?
Want to learn more about PCI-DSS or have a chat with one of our PCI-DSS experts?