You’ve seen the skyrocketing stats on identity theft and heard about some dramatic payment data breaches (Heartland, anyone?). It’s enough to make you swear off credit cards … unless this new protection catches on.
That protection? Tokenization.
Here’s what it is and why you’ll want your credit card companies to adopt this technology.
How it works
No need to worry that crooks will get their hands on your company’s credit card numbers — they’re no longer there!
With tokenization, your company’s (or customers’) card information gets intercepted at the online payment interface or point-of-sale terminal for retailers and replaced by “tokens” which are randomly generated proxy numbers.
Only the last four digits of the card remain, and they’re mixed somewhere in the number.
That means that card data is never stored intact anywhere, making it literally impossible for anyone to steal it.
How likely is it to be reality
So the technology exists, and the need is clearly there for some tightened security. Making it a widely adopted process is another matter.
But there’s new hope from an unlikely ally: Congress.
A few weeks ago, Congress held a hearing on credit card processors’ and issuers’ ability to self-police when it comes to data security. And they’re not too confident.
The card companies do have a set of rules they created to keep cardholders’ data safe: Payment Card Industry (PCI) Data Security Standards. But there are no laws requiring them to be followed.
So far, tokenization is considered the No. 1 way to satisfy those requirements and keep data safe, without cutting corners. So these folks may be feeling some increased pressure to adopt them.
Stay tuned … we’ll keep you posted.