What is Tokenization?

While by no means a new concept, tokenization has become a salient topic as of late due to the potential role it may play. As technologies like host card emulation become more prominent, tokenization is viewed by many as the solution to helping cloud-based mobile payments become more secure, and thus more viable for mass adoption.

Tokenization

What is Tokenization?

But what is tokenization? In simple terms, it is a form of data security.

As the name suggests, tokenization is the process of creating a “token” – in this context, it is sensitive data that is tokenized. The token produced is a non-sensitive, unique piece of data that retains essential information about the sensitive data it represents, without compromising its security. The concept is similar to how a voucher, coupon, or casino chip represent money.

In the context of electronic payments, the ultimate purpose of tokenization is to act as a security measure that works to lessen the threat to sensitive information.

Related:- Dell introduces 2020 XPS 13 ahead of CES 2020

What Role Does Tokenization Play in Mobile Payments?

In order for mobile transactions to be completed, a Personal Account Number (PAN) is required. However, there is an inherent security risk in storing PAN data on the mobile device itself. If somebody were to hack the device and gain access to the PAN, they could theoretically carry out multiple transactions as they have the fixed account number needed to do so.

Tokenization helps to mitigate this risk. It obscures the 16-digit PAN data by masking it as a token so that the information is not sent as plain text. Furthermore, because the token is not the PAN itself, it cannot be used outside of a specific, unique transaction. Even if there were a data breach, the account information would still be inaccessible, unless the secure servers which held the information were breached.

Rather than transferring track 2 data, tokenization sends a token to the NFC terminal, which is then relayed to the cloud. The cloud decrypts the token, associates it with the right PAN, and sends the PAN data back to the NFC terminal.

Tokenization and Host Card Emulation

Due to the nature of tokenization, it is being considered as one of the best solutions for securing HCE mobile transactions.

HCE moves the account information into the cloud, which eliminates the need to store it in the mobile device’s secure element. But, to enable mobile transactions to take place securely, there needs to be a way to ensure the security of the sensitive information. Along with measures like secure account reload and limited use keys, tokenization is at the top of the list as a potential solution.

Related:- 6 Steps to Secure your Windows 10 Machine Security

Barriers to Market Adoption of Tokenization

Though we have yet to see the storage, creation, and validation of tokens enter the market on any significant scale, there is massive potential for tokenization to play an integral role in the way that mobile payments develop and evolve. It may very well be the key to transforming the mobile wallet from closed to open loop. As it stands, there are a number of significant barriers preventing the adoption of tokenization, including:

  • developing the technological infrastructure
  • developing the institutional infrastructure
  • having a token generation/validation body with common standards
  • consumer adoption

But, as Jay Weber of FIS points out, the benefits of tokenization far outweigh the barriers to adoption. For one, it lowers the likelihood of sensitive account information being compromised in the event of a data breach. Given the succession of data breaches that have plagued some larger corporations, this is a major advantage. It can also potentially reduce the compliance burden if correctly implemented, among myriad other benefits.

Ultimately, a number of factors will influence the role of tokenization in regard to mobile payments. The payments industry will need to find some common ground on how tokenization manifests, for both security and practicality reasons. As it stands, tokenization is becoming a battleground for competing proposals. The lack of consensus on this level consequently affects merchant adoption. To see true market adoption, there needs to be a consistent framework to introduce a solution that works for issuers, processors and merchants alike.

Related Post

Coronavirus: AT&T boss states world wide web is ‘seeing some signals of stress’ as persons do the job from home

The boss of the largest world-wide-web provider in the US has mentioned its community is “seeing some indicators of stress” as a result of coronavirus containment steps. AT&T CEO Randall

Examine shows social media and search engines are far better than their track record suggests

Credit history: CC0 Public Area Electronic media have essentially adjusted the way we eat news. It is generally assumed that the use of social networks and lookup engines has had

Fb spies on us but not by recording our calls. Here’s how the social network understands every little thing

Credit score: CC0 General public Area It is a offered that Facebook is listening in on our conversations, ideal? That is how the social network can adhere to up on