Contact | Site Map | Privacy Policy | Home
Products Solutions Support News & Info Company  
 
  •   Overview
  •   Contact Us / Request Trial
  •  Bank Card Security System
  •   EncryptRIGHT
      Overview
      Strong Encryption Options
      Tokenization
      PCI Key Management
      PCI Encryption
      Deployment Options
      Rapid Application Development
      Platform Support
      Use Cases
  •   Psypher Security Suite
  •   STK Toolkit

EncryptRIGHT Tokenization

The EncryptRIGHT product suite includes an optional tokenization module that reduces the scope and cost of a PCI audit. Tokenization is an increasingly popular choice for data security because it not only reduces risk of data exposure, but it simplifies security. By substituting a real value with a random token, you completely remove the threat of data theft from your information processing systems.

But tokenization's real allure is that it saves you money, said Adrian Lane, a tokenization expert with Securosis, an information security research and advisory firm.

"Hackers can't steal what's not there," Lane said. "Tokenization is great for payment data security because you remove credit card numbers in tokenized systems, thus reduce the scope of a PCI audit, which helps reduce compliance costs."

EncryptRIGHT follows industry best practices for token generation and secure storage. It supports two methods of token generation: random tokenization and tokenization by encryption. Token generation uses a FIPS 140-2 compliant random number generator. Tokenization by encryption uses EncryptRIGHT's key management and encryption to generate tokens.

The EncryptRIGHT tokenization module can create tokens that have the same format and data type as the original values, so you don't need to change your applications or databases to support tokenized values.

EncryptRIGHT tokenization can be used for all types of processing, and is suitable for a wide range of personally identifiable information (PII) such as social security numbers, passport numbers and health records. Here are some of the common reasons why tokenization is a popular choice:

  • PCI compliance. For merchants around the world, substituting tokens for credit cards meets compliance requirements and reduces threat of data breach.
  • No impact on your existing systems. Tokens have the same format and data type as the original values, so you don't need to change your applications or databases to support tokenized values.
  • Reduced audit costs. By removing sensitive information from data processing systems, security audits are simpler, smaller in scope, easier to perform and cost less.

Tokenization is easily added to existing EncryptRIGHT deployments, supported by our secure token database. Enterprise customers can use a JDBC driver to integrate with existing Oracle and Microsoft SQL Server databases. In either case, tokenization is fully integrated with encryption, key management and logging features.

Next Steps:


 
Request Product Trial
White Paper & Webinar
 

New white paper available. Download
Tokenization Guidance: How to Reduce PCI Compliance Costs
by top industry analyst Securosis.

Register for Webinar
How Tokenization Reduces PCI Compliance Costs
Feb. 22nd, featuring Securosis
PrimeFactors PrimeFactors