CINXE.COM
Tokenization (data security) - Wikipedia
<!DOCTYPE html> <html class="client-nojs vector-feature-language-in-header-enabled vector-feature-language-in-main-page-header-disabled vector-feature-page-tools-pinned-disabled vector-feature-toc-pinned-clientpref-1 vector-feature-main-menu-pinned-disabled vector-feature-limited-width-clientpref-1 vector-feature-limited-width-content-enabled vector-feature-custom-font-size-clientpref-1 vector-feature-appearance-pinned-clientpref-1 vector-feature-night-mode-enabled skin-theme-clientpref-day vector-sticky-header-enabled vector-toc-available" lang="en" dir="ltr"> <head> <meta charset="UTF-8"> <title>Tokenization (data security) - Wikipedia</title> <script>(function(){var className="client-js vector-feature-language-in-header-enabled vector-feature-language-in-main-page-header-disabled vector-feature-page-tools-pinned-disabled vector-feature-toc-pinned-clientpref-1 vector-feature-main-menu-pinned-disabled vector-feature-limited-width-clientpref-1 vector-feature-limited-width-content-enabled vector-feature-custom-font-size-clientpref-1 vector-feature-appearance-pinned-clientpref-1 vector-feature-night-mode-enabled skin-theme-clientpref-day vector-sticky-header-enabled vector-toc-available";var cookie=document.cookie.match(/(?:^|; )enwikimwclientpreferences=([^;]+)/);if(cookie){cookie[1].split('%2C').forEach(function(pref){className=className.replace(new RegExp('(^| )'+pref.replace(/-clientpref-\w+$|[^\w-]+/g,'')+'-clientpref-\\w+( |$)'),'$1'+pref+'$2');});}document.documentElement.className=className;}());RLCONF={"wgBreakFrames":false,"wgSeparatorTransformTable":["",""],"wgDigitTransformTable":["",""],"wgDefaultDateFormat":"dmy", "wgMonthNames":["","January","February","March","April","May","June","July","August","September","October","November","December"],"wgRequestId":"2c2417eb-f98a-49bb-9d76-e62a36bd7ed9","wgCanonicalNamespace":"","wgCanonicalSpecialPageName":false,"wgNamespaceNumber":0,"wgPageName":"Tokenization_(data_security)","wgTitle":"Tokenization (data security)","wgCurRevisionId":1253881566,"wgRevisionId":1253881566,"wgArticleId":61419,"wgIsArticle":true,"wgIsRedirect":false,"wgAction":"view","wgUserName":null,"wgUserGroups":["*"],"wgCategories":["CS1 maint: multiple names: authors list","CS1 errors: requires URL","CS1 errors: missing periodical","Articles with short description","Short description matches Wikidata","Cryptography"],"wgPageViewLanguage":"en","wgPageContentLanguage":"en","wgPageContentModel":"wikitext","wgRelevantPageName":"Tokenization_(data_security)","wgRelevantArticleId":61419,"wgIsProbablyEditable":true,"wgRelevantPageIsProbablyEditable":true,"wgRestrictionEdit":[], "wgRestrictionMove":[],"wgNoticeProject":"wikipedia","wgCiteReferencePreviewsActive":false,"wgFlaggedRevsParams":{"tags":{"status":{"levels":1}}},"wgMediaViewerOnClick":true,"wgMediaViewerEnabledByDefault":true,"wgPopupsFlags":0,"wgVisualEditor":{"pageLanguageCode":"en","pageLanguageDir":"ltr","pageVariantFallbacks":"en"},"wgMFDisplayWikibaseDescriptions":{"search":true,"watchlist":true,"tagline":false,"nearby":true},"wgWMESchemaEditAttemptStepOversample":false,"wgWMEPageLength":40000,"wgEditSubmitButtonLabelPublish":true,"wgULSPosition":"interlanguage","wgULSisCompactLinksEnabled":false,"wgVector2022LanguageInHeader":true,"wgULSisLanguageSelectorEmpty":false,"wgWikibaseItemId":"Q17086007","wgCheckUserClientHintsHeadersJsApi":["brands","architecture","bitness","fullVersionList","mobile","model","platform","platformVersion"],"GEHomepageSuggestedEditsEnableTopics":true,"wgGETopicsMatchModeEnabled":false,"wgGEStructuredTaskRejectionReasonTextInputEnabled":false, "wgGELevelingUpEnabledForUser":false};RLSTATE={"ext.globalCssJs.user.styles":"ready","site.styles":"ready","user.styles":"ready","ext.globalCssJs.user":"ready","user":"ready","user.options":"loading","ext.cite.styles":"ready","skins.vector.search.codex.styles":"ready","skins.vector.styles":"ready","skins.vector.icons":"ready","ext.wikimediamessages.styles":"ready","ext.visualEditor.desktopArticleTarget.noscript":"ready","ext.uls.interlanguage":"ready","wikibase.client.init":"ready","ext.wikimediaBadges":"ready"};RLPAGEMODULES=["ext.cite.ux-enhancements","mediawiki.page.media","site","mediawiki.page.ready","mediawiki.toc","skins.vector.js","ext.centralNotice.geoIP","ext.centralNotice.startUp","ext.gadget.ReferenceTooltips","ext.gadget.switcher","ext.urlShortener.toolbar","ext.centralauth.centralautologin","mmv.bootstrap","ext.popups","ext.visualEditor.desktopArticleTarget.init","ext.visualEditor.targetLoader","ext.echo.centralauth","ext.eventLogging","ext.wikimediaEvents", "ext.navigationTiming","ext.uls.interface","ext.cx.eventlogging.campaigns","ext.cx.uls.quick.actions","wikibase.client.vector-2022","ext.checkUser.clientHints","ext.growthExperiments.SuggestedEditSession"];</script> <script>(RLQ=window.RLQ||[]).push(function(){mw.loader.impl(function(){return["user.options@12s5i",function($,jQuery,require,module){mw.user.tokens.set({"patrolToken":"+\\","watchToken":"+\\","csrfToken":"+\\"}); }];});});</script> <link rel="stylesheet" href="/w/load.php?lang=en&modules=ext.cite.styles%7Cext.uls.interlanguage%7Cext.visualEditor.desktopArticleTarget.noscript%7Cext.wikimediaBadges%7Cext.wikimediamessages.styles%7Cskins.vector.icons%2Cstyles%7Cskins.vector.search.codex.styles%7Cwikibase.client.init&only=styles&skin=vector-2022"> <script async="" src="/w/load.php?lang=en&modules=startup&only=scripts&raw=1&skin=vector-2022"></script> <meta name="ResourceLoaderDynamicStyles" content=""> <link rel="stylesheet" href="/w/load.php?lang=en&modules=site.styles&only=styles&skin=vector-2022"> <meta name="generator" content="MediaWiki 1.44.0-wmf.14"> <meta name="referrer" content="origin"> <meta name="referrer" content="origin-when-cross-origin"> <meta name="robots" content="max-image-preview:standard"> <meta name="format-detection" content="telephone=no"> <meta property="og:image" content="https://upload.wikimedia.org/wikipedia/commons/thumb/3/3e/How_mobile_payment_tokenization_works.png/1200px-How_mobile_payment_tokenization_works.png"> <meta property="og:image:width" content="1200"> <meta property="og:image:height" content="474"> <meta property="og:image" content="https://upload.wikimedia.org/wikipedia/commons/thumb/3/3e/How_mobile_payment_tokenization_works.png/800px-How_mobile_payment_tokenization_works.png"> <meta property="og:image:width" content="800"> <meta property="og:image:height" content="316"> <meta property="og:image" content="https://upload.wikimedia.org/wikipedia/commons/thumb/3/3e/How_mobile_payment_tokenization_works.png/640px-How_mobile_payment_tokenization_works.png"> <meta property="og:image:width" content="640"> <meta property="og:image:height" content="253"> <meta name="viewport" content="width=1120"> <meta property="og:title" content="Tokenization (data security) - Wikipedia"> <meta property="og:type" content="website"> <link rel="preconnect" href="//upload.wikimedia.org"> <link rel="alternate" media="only screen and (max-width: 640px)" href="//en.m.wikipedia.org/wiki/Tokenization_(data_security)"> <link rel="alternate" type="application/x-wiki" title="Edit this page" href="/w/index.php?title=Tokenization_(data_security)&action=edit"> <link rel="apple-touch-icon" href="/static/apple-touch/wikipedia.png"> <link rel="icon" href="/static/favicon/wikipedia.ico"> <link rel="search" type="application/opensearchdescription+xml" href="/w/rest.php/v1/search" title="Wikipedia (en)"> <link rel="EditURI" type="application/rsd+xml" href="//en.wikipedia.org/w/api.php?action=rsd"> <link rel="canonical" href="https://en.wikipedia.org/wiki/Tokenization_(data_security)"> <link rel="license" href="https://creativecommons.org/licenses/by-sa/4.0/deed.en"> <link rel="alternate" type="application/atom+xml" title="Wikipedia Atom feed" href="/w/index.php?title=Special:RecentChanges&feed=atom"> <link rel="dns-prefetch" href="//meta.wikimedia.org" /> <link rel="dns-prefetch" href="login.wikimedia.org"> </head> <body class="skin--responsive skin-vector skin-vector-search-vue mediawiki ltr sitedir-ltr mw-hide-empty-elt ns-0 ns-subject mw-editable page-Tokenization_data_security rootpage-Tokenization_data_security skin-vector-2022 action-view"><a class="mw-jump-link" href="#bodyContent">Jump to content</a> <div class="vector-header-container"> <header class="vector-header mw-header"> <div class="vector-header-start"> <nav class="vector-main-menu-landmark" aria-label="Site"> <div id="vector-main-menu-dropdown" class="vector-dropdown vector-main-menu-dropdown vector-button-flush-left vector-button-flush-right" title="Main menu" > <input type="checkbox" id="vector-main-menu-dropdown-checkbox" role="button" aria-haspopup="true" data-event-name="ui.dropdown-vector-main-menu-dropdown" class="vector-dropdown-checkbox " aria-label="Main menu" > <label id="vector-main-menu-dropdown-label" for="vector-main-menu-dropdown-checkbox" class="vector-dropdown-label cdx-button cdx-button--fake-button cdx-button--fake-button--enabled cdx-button--weight-quiet cdx-button--icon-only " aria-hidden="true" ><span class="vector-icon mw-ui-icon-menu mw-ui-icon-wikimedia-menu"></span> <span class="vector-dropdown-label-text">Main menu</span> </label> <div class="vector-dropdown-content"> <div id="vector-main-menu-unpinned-container" class="vector-unpinned-container"> <div id="vector-main-menu" class="vector-main-menu vector-pinnable-element"> <div class="vector-pinnable-header vector-main-menu-pinnable-header vector-pinnable-header-unpinned" data-feature-name="main-menu-pinned" data-pinnable-element-id="vector-main-menu" data-pinned-container-id="vector-main-menu-pinned-container" data-unpinned-container-id="vector-main-menu-unpinned-container" > <div class="vector-pinnable-header-label">Main menu</div> <button class="vector-pinnable-header-toggle-button vector-pinnable-header-pin-button" data-event-name="pinnable-header.vector-main-menu.pin">move to sidebar</button> <button class="vector-pinnable-header-toggle-button vector-pinnable-header-unpin-button" data-event-name="pinnable-header.vector-main-menu.unpin">hide</button> </div> <div id="p-navigation" class="vector-menu mw-portlet mw-portlet-navigation" > <div class="vector-menu-heading"> Navigation </div> <div class="vector-menu-content"> <ul class="vector-menu-content-list"> <li id="n-mainpage-description" class="mw-list-item"><a href="/wiki/Main_Page" title="Visit the main page [z]" accesskey="z"><span>Main page</span></a></li><li id="n-contents" class="mw-list-item"><a href="/wiki/Wikipedia:Contents" title="Guides to browsing Wikipedia"><span>Contents</span></a></li><li id="n-currentevents" class="mw-list-item"><a href="/wiki/Portal:Current_events" title="Articles related to current events"><span>Current events</span></a></li><li id="n-randompage" class="mw-list-item"><a href="/wiki/Special:Random" title="Visit a randomly selected article [x]" accesskey="x"><span>Random article</span></a></li><li id="n-aboutsite" class="mw-list-item"><a href="/wiki/Wikipedia:About" title="Learn about Wikipedia and how it works"><span>About Wikipedia</span></a></li><li id="n-contactpage" class="mw-list-item"><a href="//en.wikipedia.org/wiki/Wikipedia:Contact_us" title="How to contact Wikipedia"><span>Contact us</span></a></li> </ul> </div> </div> <div id="p-interaction" class="vector-menu mw-portlet mw-portlet-interaction" > <div class="vector-menu-heading"> Contribute </div> <div class="vector-menu-content"> <ul class="vector-menu-content-list"> <li id="n-help" class="mw-list-item"><a href="/wiki/Help:Contents" title="Guidance on how to use and edit Wikipedia"><span>Help</span></a></li><li id="n-introduction" class="mw-list-item"><a href="/wiki/Help:Introduction" title="Learn how to edit Wikipedia"><span>Learn to edit</span></a></li><li id="n-portal" class="mw-list-item"><a href="/wiki/Wikipedia:Community_portal" title="The hub for editors"><span>Community portal</span></a></li><li id="n-recentchanges" class="mw-list-item"><a href="/wiki/Special:RecentChanges" title="A list of recent changes to Wikipedia [r]" accesskey="r"><span>Recent changes</span></a></li><li id="n-upload" class="mw-list-item"><a href="/wiki/Wikipedia:File_upload_wizard" title="Add images or other media for use on Wikipedia"><span>Upload file</span></a></li> </ul> </div> </div> </div> </div> </div> </div> </nav> <a href="/wiki/Main_Page" class="mw-logo"> <img class="mw-logo-icon" src="/static/images/icons/wikipedia.png" alt="" aria-hidden="true" height="50" width="50"> <span class="mw-logo-container skin-invert"> <img class="mw-logo-wordmark" alt="Wikipedia" src="/static/images/mobile/copyright/wikipedia-wordmark-en.svg" style="width: 7.5em; height: 1.125em;"> <img class="mw-logo-tagline" alt="The Free Encyclopedia" src="/static/images/mobile/copyright/wikipedia-tagline-en.svg" width="117" height="13" style="width: 7.3125em; height: 0.8125em;"> </span> </a> </div> <div class="vector-header-end"> <div id="p-search" role="search" class="vector-search-box-vue vector-search-box-collapses vector-search-box-show-thumbnail vector-search-box-auto-expand-width vector-search-box"> <a href="/wiki/Special:Search" class="cdx-button cdx-button--fake-button cdx-button--fake-button--enabled cdx-button--weight-quiet cdx-button--icon-only search-toggle" title="Search Wikipedia [f]" accesskey="f"><span class="vector-icon mw-ui-icon-search mw-ui-icon-wikimedia-search"></span> <span>Search</span> </a> <div class="vector-typeahead-search-container"> <div class="cdx-typeahead-search cdx-typeahead-search--show-thumbnail cdx-typeahead-search--auto-expand-width"> <form action="/w/index.php" id="searchform" class="cdx-search-input cdx-search-input--has-end-button"> <div id="simpleSearch" class="cdx-search-input__input-wrapper" data-search-loc="header-moved"> <div class="cdx-text-input cdx-text-input--has-start-icon"> <input class="cdx-text-input__input" type="search" name="search" placeholder="Search Wikipedia" aria-label="Search Wikipedia" autocapitalize="sentences" title="Search Wikipedia [f]" accesskey="f" id="searchInput" > <span class="cdx-text-input__icon cdx-text-input__start-icon"></span> </div> <input type="hidden" name="title" value="Special:Search"> </div> <button class="cdx-button cdx-search-input__end-button">Search</button> </form> </div> </div> </div> <nav class="vector-user-links vector-user-links-wide" aria-label="Personal tools"> <div class="vector-user-links-main"> <div id="p-vector-user-menu-preferences" class="vector-menu mw-portlet emptyPortlet" > <div class="vector-menu-content"> <ul class="vector-menu-content-list"> </ul> </div> </div> <div id="p-vector-user-menu-userpage" class="vector-menu mw-portlet emptyPortlet" > <div class="vector-menu-content"> <ul class="vector-menu-content-list"> </ul> </div> </div> <nav class="vector-appearance-landmark" aria-label="Appearance"> <div id="vector-appearance-dropdown" class="vector-dropdown " title="Change the appearance of the page's font size, width, and color" > <input type="checkbox" id="vector-appearance-dropdown-checkbox" role="button" aria-haspopup="true" data-event-name="ui.dropdown-vector-appearance-dropdown" class="vector-dropdown-checkbox " aria-label="Appearance" > <label id="vector-appearance-dropdown-label" for="vector-appearance-dropdown-checkbox" class="vector-dropdown-label cdx-button cdx-button--fake-button cdx-button--fake-button--enabled cdx-button--weight-quiet cdx-button--icon-only " aria-hidden="true" ><span class="vector-icon mw-ui-icon-appearance mw-ui-icon-wikimedia-appearance"></span> <span class="vector-dropdown-label-text">Appearance</span> </label> <div class="vector-dropdown-content"> <div id="vector-appearance-unpinned-container" class="vector-unpinned-container"> </div> </div> </div> </nav> <div id="p-vector-user-menu-notifications" class="vector-menu mw-portlet emptyPortlet" > <div class="vector-menu-content"> <ul class="vector-menu-content-list"> </ul> </div> </div> <div id="p-vector-user-menu-overflow" class="vector-menu mw-portlet" > <div class="vector-menu-content"> <ul class="vector-menu-content-list"> <li id="pt-sitesupport-2" class="user-links-collapsible-item mw-list-item user-links-collapsible-item"><a data-mw="interface" href="https://donate.wikimedia.org/?wmf_source=donate&wmf_medium=sidebar&wmf_campaign=en.wikipedia.org&uselang=en" class=""><span>Donate</span></a> </li> <li id="pt-createaccount-2" class="user-links-collapsible-item mw-list-item user-links-collapsible-item"><a data-mw="interface" href="/w/index.php?title=Special:CreateAccount&returnto=Tokenization+%28data+security%29" title="You are encouraged to create an account and log in; however, it is not mandatory" class=""><span>Create account</span></a> </li> <li id="pt-login-2" class="user-links-collapsible-item mw-list-item user-links-collapsible-item"><a data-mw="interface" href="/w/index.php?title=Special:UserLogin&returnto=Tokenization+%28data+security%29" title="You're encouraged to log in; however, it's not mandatory. [o]" accesskey="o" class=""><span>Log in</span></a> </li> </ul> </div> </div> </div> <div id="vector-user-links-dropdown" class="vector-dropdown vector-user-menu vector-button-flush-right vector-user-menu-logged-out" title="Log in and more options" > <input type="checkbox" id="vector-user-links-dropdown-checkbox" role="button" aria-haspopup="true" data-event-name="ui.dropdown-vector-user-links-dropdown" class="vector-dropdown-checkbox " aria-label="Personal tools" > <label id="vector-user-links-dropdown-label" for="vector-user-links-dropdown-checkbox" class="vector-dropdown-label cdx-button cdx-button--fake-button cdx-button--fake-button--enabled cdx-button--weight-quiet cdx-button--icon-only " aria-hidden="true" ><span class="vector-icon mw-ui-icon-ellipsis mw-ui-icon-wikimedia-ellipsis"></span> <span class="vector-dropdown-label-text">Personal tools</span> </label> <div class="vector-dropdown-content"> <div id="p-personal" class="vector-menu mw-portlet mw-portlet-personal user-links-collapsible-item" title="User menu" > <div class="vector-menu-content"> <ul class="vector-menu-content-list"> <li id="pt-sitesupport" class="user-links-collapsible-item mw-list-item"><a href="https://donate.wikimedia.org/?wmf_source=donate&wmf_medium=sidebar&wmf_campaign=en.wikipedia.org&uselang=en"><span>Donate</span></a></li><li id="pt-createaccount" class="user-links-collapsible-item mw-list-item"><a href="/w/index.php?title=Special:CreateAccount&returnto=Tokenization+%28data+security%29" title="You are encouraged to create an account and log in; however, it is not mandatory"><span class="vector-icon mw-ui-icon-userAdd mw-ui-icon-wikimedia-userAdd"></span> <span>Create account</span></a></li><li id="pt-login" class="user-links-collapsible-item mw-list-item"><a href="/w/index.php?title=Special:UserLogin&returnto=Tokenization+%28data+security%29" title="You're encouraged to log in; however, it's not mandatory. [o]" accesskey="o"><span class="vector-icon mw-ui-icon-logIn mw-ui-icon-wikimedia-logIn"></span> <span>Log in</span></a></li> </ul> </div> </div> <div id="p-user-menu-anon-editor" class="vector-menu mw-portlet mw-portlet-user-menu-anon-editor" > <div class="vector-menu-heading"> Pages for logged out editors <a href="/wiki/Help:Introduction" aria-label="Learn more about editing"><span>learn more</span></a> </div> <div class="vector-menu-content"> <ul class="vector-menu-content-list"> <li id="pt-anoncontribs" class="mw-list-item"><a href="/wiki/Special:MyContributions" title="A list of edits made from this IP address [y]" accesskey="y"><span>Contributions</span></a></li><li id="pt-anontalk" class="mw-list-item"><a href="/wiki/Special:MyTalk" title="Discussion about edits from this IP address [n]" accesskey="n"><span>Talk</span></a></li> </ul> </div> </div> </div> </div> </nav> </div> </header> </div> <div class="mw-page-container"> <div class="mw-page-container-inner"> <div class="vector-sitenotice-container"> <div id="siteNotice"><!-- CentralNotice --></div> </div> <div class="vector-column-start"> <div class="vector-main-menu-container"> <div id="mw-navigation"> <nav id="mw-panel" class="vector-main-menu-landmark" aria-label="Site"> <div id="vector-main-menu-pinned-container" class="vector-pinned-container"> </div> </nav> </div> </div> <div class="vector-sticky-pinned-container"> <nav id="mw-panel-toc" aria-label="Contents" data-event-name="ui.sidebar-toc" class="mw-table-of-contents-container vector-toc-landmark"> <div id="vector-toc-pinned-container" class="vector-pinned-container"> <div id="vector-toc" class="vector-toc vector-pinnable-element"> <div class="vector-pinnable-header vector-toc-pinnable-header vector-pinnable-header-pinned" data-feature-name="toc-pinned" data-pinnable-element-id="vector-toc" > <h2 class="vector-pinnable-header-label">Contents</h2> <button class="vector-pinnable-header-toggle-button vector-pinnable-header-pin-button" data-event-name="pinnable-header.vector-toc.pin">move to sidebar</button> <button class="vector-pinnable-header-toggle-button vector-pinnable-header-unpin-button" data-event-name="pinnable-header.vector-toc.unpin">hide</button> </div> <ul class="vector-toc-contents" id="mw-panel-toc-list"> <li id="toc-mw-content-text" class="vector-toc-list-item vector-toc-level-1"> <a href="#" class="vector-toc-link"> <div class="vector-toc-text">(Top)</div> </a> </li> <li id="toc-Concepts_and_origins" class="vector-toc-list-item vector-toc-level-1 vector-toc-list-item-expanded"> <a class="vector-toc-link" href="#Concepts_and_origins"> <div class="vector-toc-text"> <span class="vector-toc-numb">1</span> <span>Concepts and origins</span> </div> </a> <ul id="toc-Concepts_and_origins-sublist" class="vector-toc-list"> </ul> </li> <li id="toc-The_tokenization_process" class="vector-toc-list-item vector-toc-level-1 vector-toc-list-item-expanded"> <a class="vector-toc-link" href="#The_tokenization_process"> <div class="vector-toc-text"> <span class="vector-toc-numb">2</span> <span>The tokenization process</span> </div> </a> <ul id="toc-The_tokenization_process-sublist" class="vector-toc-list"> </ul> </li> <li id="toc-Difference_from_encryption" class="vector-toc-list-item vector-toc-level-1 vector-toc-list-item-expanded"> <a class="vector-toc-link" href="#Difference_from_encryption"> <div class="vector-toc-text"> <span class="vector-toc-numb">3</span> <span>Difference from encryption</span> </div> </a> <ul id="toc-Difference_from_encryption-sublist" class="vector-toc-list"> </ul> </li> <li id="toc-Types_of_tokens" class="vector-toc-list-item vector-toc-level-1 vector-toc-list-item-expanded"> <a class="vector-toc-link" href="#Types_of_tokens"> <div class="vector-toc-text"> <span class="vector-toc-numb">4</span> <span>Types of tokens</span> </div> </a> <button aria-controls="toc-Types_of_tokens-sublist" class="cdx-button cdx-button--weight-quiet cdx-button--icon-only vector-toc-toggle"> <span class="vector-icon mw-ui-icon-wikimedia-expand"></span> <span>Toggle Types of tokens subsection</span> </button> <ul id="toc-Types_of_tokens-sublist" class="vector-toc-list"> <li id="toc-High-value_tokens_(HVTs)" class="vector-toc-list-item vector-toc-level-2"> <a class="vector-toc-link" href="#High-value_tokens_(HVTs)"> <div class="vector-toc-text"> <span class="vector-toc-numb">4.1</span> <span>High-value tokens (HVTs)</span> </div> </a> <ul id="toc-High-value_tokens_(HVTs)-sublist" class="vector-toc-list"> </ul> </li> <li id="toc-Low-value_tokens_(LVTs)_or_security_tokens" class="vector-toc-list-item vector-toc-level-2"> <a class="vector-toc-link" href="#Low-value_tokens_(LVTs)_or_security_tokens"> <div class="vector-toc-text"> <span class="vector-toc-numb">4.2</span> <span>Low-value tokens (LVTs) or security tokens</span> </div> </a> <ul id="toc-Low-value_tokens_(LVTs)_or_security_tokens-sublist" class="vector-toc-list"> </ul> </li> </ul> </li> <li id="toc-System_operations,_limitations_and_evolution" class="vector-toc-list-item vector-toc-level-1 vector-toc-list-item-expanded"> <a class="vector-toc-link" href="#System_operations,_limitations_and_evolution"> <div class="vector-toc-text"> <span class="vector-toc-numb">5</span> <span>System operations, limitations and evolution</span> </div> </a> <ul id="toc-System_operations,_limitations_and_evolution-sublist" class="vector-toc-list"> </ul> </li> <li id="toc-Application_to_alternative_payment_systems" class="vector-toc-list-item vector-toc-level-1 vector-toc-list-item-expanded"> <a class="vector-toc-link" href="#Application_to_alternative_payment_systems"> <div class="vector-toc-text"> <span class="vector-toc-numb">6</span> <span>Application to alternative payment systems</span> </div> </a> <ul id="toc-Application_to_alternative_payment_systems-sublist" class="vector-toc-list"> </ul> </li> <li id="toc-Application_to_PCI_DSS_standards" class="vector-toc-list-item vector-toc-level-1 vector-toc-list-item-expanded"> <a class="vector-toc-link" href="#Application_to_PCI_DSS_standards"> <div class="vector-toc-text"> <span class="vector-toc-numb">7</span> <span>Application to PCI DSS standards</span> </div> </a> <ul id="toc-Application_to_PCI_DSS_standards-sublist" class="vector-toc-list"> </ul> </li> <li id="toc-Standards_(ANSI,_the_PCI_Council,_Visa,_and_EMV)" class="vector-toc-list-item vector-toc-level-1 vector-toc-list-item-expanded"> <a class="vector-toc-link" href="#Standards_(ANSI,_the_PCI_Council,_Visa,_and_EMV)"> <div class="vector-toc-text"> <span class="vector-toc-numb">8</span> <span>Standards (ANSI, the PCI Council, Visa, and EMV)</span> </div> </a> <ul id="toc-Standards_(ANSI,_the_PCI_Council,_Visa,_and_EMV)-sublist" class="vector-toc-list"> </ul> </li> <li id="toc-Risk_reduction" class="vector-toc-list-item vector-toc-level-1 vector-toc-list-item-expanded"> <a class="vector-toc-link" href="#Risk_reduction"> <div class="vector-toc-text"> <span class="vector-toc-numb">9</span> <span>Risk reduction</span> </div> </a> <ul id="toc-Risk_reduction-sublist" class="vector-toc-list"> </ul> </li> <li id="toc-Restrictions_on_token_use" class="vector-toc-list-item vector-toc-level-1 vector-toc-list-item-expanded"> <a class="vector-toc-link" href="#Restrictions_on_token_use"> <div class="vector-toc-text"> <span class="vector-toc-numb">10</span> <span>Restrictions on token use</span> </div> </a> <ul id="toc-Restrictions_on_token_use-sublist" class="vector-toc-list"> </ul> </li> <li id="toc-See_also" class="vector-toc-list-item vector-toc-level-1 vector-toc-list-item-expanded"> <a class="vector-toc-link" href="#See_also"> <div class="vector-toc-text"> <span class="vector-toc-numb">11</span> <span>See also</span> </div> </a> <ul id="toc-See_also-sublist" class="vector-toc-list"> </ul> </li> <li id="toc-References" class="vector-toc-list-item vector-toc-level-1 vector-toc-list-item-expanded"> <a class="vector-toc-link" href="#References"> <div class="vector-toc-text"> <span class="vector-toc-numb">12</span> <span>References</span> </div> </a> <ul id="toc-References-sublist" class="vector-toc-list"> </ul> </li> <li id="toc-External_links" class="vector-toc-list-item vector-toc-level-1 vector-toc-list-item-expanded"> <a class="vector-toc-link" href="#External_links"> <div class="vector-toc-text"> <span class="vector-toc-numb">13</span> <span>External links</span> </div> </a> <ul id="toc-External_links-sublist" class="vector-toc-list"> </ul> </li> </ul> </div> </div> </nav> </div> </div> <div class="mw-content-container"> <main id="content" class="mw-body"> <header class="mw-body-header vector-page-titlebar"> <nav aria-label="Contents" class="vector-toc-landmark"> <div id="vector-page-titlebar-toc" class="vector-dropdown vector-page-titlebar-toc vector-button-flush-left" title="Table of Contents" > <input type="checkbox" id="vector-page-titlebar-toc-checkbox" role="button" aria-haspopup="true" data-event-name="ui.dropdown-vector-page-titlebar-toc" class="vector-dropdown-checkbox " aria-label="Toggle the table of contents" > <label id="vector-page-titlebar-toc-label" for="vector-page-titlebar-toc-checkbox" class="vector-dropdown-label cdx-button cdx-button--fake-button cdx-button--fake-button--enabled cdx-button--weight-quiet cdx-button--icon-only " aria-hidden="true" ><span class="vector-icon mw-ui-icon-listBullet mw-ui-icon-wikimedia-listBullet"></span> <span class="vector-dropdown-label-text">Toggle the table of contents</span> </label> <div class="vector-dropdown-content"> <div id="vector-page-titlebar-toc-unpinned-container" class="vector-unpinned-container"> </div> </div> </div> </nav> <h1 id="firstHeading" class="firstHeading mw-first-heading"><span class="mw-page-title-main">Tokenization (data security)</span></h1> <div id="p-lang-btn" class="vector-dropdown mw-portlet mw-portlet-lang" > <input type="checkbox" id="p-lang-btn-checkbox" role="button" aria-haspopup="true" data-event-name="ui.dropdown-p-lang-btn" class="vector-dropdown-checkbox mw-interlanguage-selector" aria-label="Go to an article in another language. Available in 6 languages" > <label id="p-lang-btn-label" for="p-lang-btn-checkbox" class="vector-dropdown-label cdx-button cdx-button--fake-button cdx-button--fake-button--enabled cdx-button--weight-quiet cdx-button--action-progressive mw-portlet-lang-heading-6" aria-hidden="true" ><span class="vector-icon mw-ui-icon-language-progressive mw-ui-icon-wikimedia-language-progressive"></span> <span class="vector-dropdown-label-text">6 languages</span> </label> <div class="vector-dropdown-content"> <div class="vector-menu-content"> <ul class="vector-menu-content-list"> <li class="interlanguage-link interwiki-fa mw-list-item"><a href="https://fa.wikipedia.org/wiki/%D9%86%D8%B4%D8%A7%D9%86%D9%87%E2%80%8C%DA%AF%D8%B0%D8%A7%D8%B1%DB%8C_(%D8%A7%D9%85%D9%86%DB%8C%D8%AA_%D8%AF%D8%A7%D8%AF%D9%87%E2%80%8C%D9%87%D8%A7)" title="نشانهگذاری (امنیت دادهها) – Persian" lang="fa" hreflang="fa" data-title="نشانهگذاری (امنیت دادهها)" data-language-autonym="فارسی" data-language-local-name="Persian" class="interlanguage-link-target"><span>فارسی</span></a></li><li class="interlanguage-link interwiki-fr mw-list-item"><a href="https://fr.wikipedia.org/wiki/Tokenisation_(s%C3%A9curit%C3%A9_informatique)" title="Tokenisation (sécurité informatique) – French" lang="fr" hreflang="fr" data-title="Tokenisation (sécurité informatique)" data-language-autonym="Français" data-language-local-name="French" class="interlanguage-link-target"><span>Français</span></a></li><li class="interlanguage-link interwiki-he mw-list-item"><a href="https://he.wikipedia.org/wiki/%D7%98%D7%95%D7%A7%D7%A0%D7%99%D7%96%D7%A6%D7%99%D7%94_(%D7%90%D7%91%D7%98%D7%97%D7%AA_%D7%A0%D7%AA%D7%95%D7%A0%D7%99%D7%9D)" title="טוקניזציה (אבטחת נתונים) – Hebrew" lang="he" hreflang="he" data-title="טוקניזציה (אבטחת נתונים)" data-language-autonym="עברית" data-language-local-name="Hebrew" class="interlanguage-link-target"><span>עברית</span></a></li><li class="interlanguage-link interwiki-pl mw-list-item"><a href="https://pl.wikipedia.org/wiki/Tokenizacja" title="Tokenizacja – Polish" lang="pl" hreflang="pl" data-title="Tokenizacja" data-language-autonym="Polski" data-language-local-name="Polish" class="interlanguage-link-target"><span>Polski</span></a></li><li class="interlanguage-link interwiki-ru mw-list-item"><a href="https://ru.wikipedia.org/wiki/%D0%A2%D0%BE%D0%BA%D0%B5%D0%BD%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D1%8F_(%D0%B8%D0%BD%D1%84%D0%BE%D1%80%D0%BC%D0%B0%D1%86%D0%B8%D0%BE%D0%BD%D0%BD%D0%B0%D1%8F_%D0%B1%D0%B5%D0%B7%D0%BE%D0%BF%D0%B0%D1%81%D0%BD%D0%BE%D1%81%D1%82%D1%8C)" title="Токенизация (информационная безопасность) – Russian" lang="ru" hreflang="ru" data-title="Токенизация (информационная безопасность)" data-language-autonym="Русский" data-language-local-name="Russian" class="interlanguage-link-target"><span>Русский</span></a></li><li class="interlanguage-link interwiki-sr mw-list-item"><a href="https://sr.wikipedia.org/wiki/Token_u_ra%C4%8Dunarstvu" title="Token u računarstvu – Serbian" lang="sr" hreflang="sr" data-title="Token u računarstvu" data-language-autonym="Српски / srpski" data-language-local-name="Serbian" class="interlanguage-link-target"><span>Српски / srpski</span></a></li> </ul> <div class="after-portlet after-portlet-lang"><span class="wb-langlinks-edit wb-langlinks-link"><a href="https://www.wikidata.org/wiki/Special:EntityPage/Q17086007#sitelinks-wikipedia" title="Edit interlanguage links" class="wbc-editpage">Edit links</a></span></div> </div> </div> </div> </header> <div class="vector-page-toolbar"> <div class="vector-page-toolbar-container"> <div id="left-navigation"> <nav aria-label="Namespaces"> <div id="p-associated-pages" class="vector-menu vector-menu-tabs mw-portlet mw-portlet-associated-pages" > <div class="vector-menu-content"> <ul class="vector-menu-content-list"> <li id="ca-nstab-main" class="selected vector-tab-noicon mw-list-item"><a href="/wiki/Tokenization_(data_security)" title="View the content page [c]" accesskey="c"><span>Article</span></a></li><li id="ca-talk" class="vector-tab-noicon mw-list-item"><a href="/wiki/Talk:Tokenization_(data_security)" rel="discussion" title="Discuss improvements to the content page [t]" accesskey="t"><span>Talk</span></a></li> </ul> </div> </div> <div id="vector-variants-dropdown" class="vector-dropdown emptyPortlet" > <input type="checkbox" id="vector-variants-dropdown-checkbox" role="button" aria-haspopup="true" data-event-name="ui.dropdown-vector-variants-dropdown" class="vector-dropdown-checkbox " aria-label="Change language variant" > <label id="vector-variants-dropdown-label" for="vector-variants-dropdown-checkbox" class="vector-dropdown-label cdx-button cdx-button--fake-button cdx-button--fake-button--enabled cdx-button--weight-quiet" aria-hidden="true" ><span class="vector-dropdown-label-text">English</span> </label> <div class="vector-dropdown-content"> <div id="p-variants" class="vector-menu mw-portlet mw-portlet-variants emptyPortlet" > <div class="vector-menu-content"> <ul class="vector-menu-content-list"> </ul> </div> </div> </div> </div> </nav> </div> <div id="right-navigation" class="vector-collapsible"> <nav aria-label="Views"> <div id="p-views" class="vector-menu vector-menu-tabs mw-portlet mw-portlet-views" > <div class="vector-menu-content"> <ul class="vector-menu-content-list"> <li id="ca-view" class="selected vector-tab-noicon mw-list-item"><a href="/wiki/Tokenization_(data_security)"><span>Read</span></a></li><li id="ca-edit" class="vector-tab-noicon mw-list-item"><a href="/w/index.php?title=Tokenization_(data_security)&action=edit" title="Edit this page [e]" accesskey="e"><span>Edit</span></a></li><li id="ca-history" class="vector-tab-noicon mw-list-item"><a href="/w/index.php?title=Tokenization_(data_security)&action=history" title="Past revisions of this page [h]" accesskey="h"><span>View history</span></a></li> </ul> </div> </div> </nav> <nav class="vector-page-tools-landmark" aria-label="Page tools"> <div id="vector-page-tools-dropdown" class="vector-dropdown vector-page-tools-dropdown" > <input type="checkbox" id="vector-page-tools-dropdown-checkbox" role="button" aria-haspopup="true" data-event-name="ui.dropdown-vector-page-tools-dropdown" class="vector-dropdown-checkbox " aria-label="Tools" > <label id="vector-page-tools-dropdown-label" for="vector-page-tools-dropdown-checkbox" class="vector-dropdown-label cdx-button cdx-button--fake-button cdx-button--fake-button--enabled cdx-button--weight-quiet" aria-hidden="true" ><span class="vector-dropdown-label-text">Tools</span> </label> <div class="vector-dropdown-content"> <div id="vector-page-tools-unpinned-container" class="vector-unpinned-container"> <div id="vector-page-tools" class="vector-page-tools vector-pinnable-element"> <div class="vector-pinnable-header vector-page-tools-pinnable-header vector-pinnable-header-unpinned" data-feature-name="page-tools-pinned" data-pinnable-element-id="vector-page-tools" data-pinned-container-id="vector-page-tools-pinned-container" data-unpinned-container-id="vector-page-tools-unpinned-container" > <div class="vector-pinnable-header-label">Tools</div> <button class="vector-pinnable-header-toggle-button vector-pinnable-header-pin-button" data-event-name="pinnable-header.vector-page-tools.pin">move to sidebar</button> <button class="vector-pinnable-header-toggle-button vector-pinnable-header-unpin-button" data-event-name="pinnable-header.vector-page-tools.unpin">hide</button> </div> <div id="p-cactions" class="vector-menu mw-portlet mw-portlet-cactions emptyPortlet vector-has-collapsible-items" title="More options" > <div class="vector-menu-heading"> Actions </div> <div class="vector-menu-content"> <ul class="vector-menu-content-list"> <li id="ca-more-view" class="selected vector-more-collapsible-item mw-list-item"><a href="/wiki/Tokenization_(data_security)"><span>Read</span></a></li><li id="ca-more-edit" class="vector-more-collapsible-item mw-list-item"><a href="/w/index.php?title=Tokenization_(data_security)&action=edit" title="Edit this page [e]" accesskey="e"><span>Edit</span></a></li><li id="ca-more-history" class="vector-more-collapsible-item mw-list-item"><a href="/w/index.php?title=Tokenization_(data_security)&action=history"><span>View history</span></a></li> </ul> </div> </div> <div id="p-tb" class="vector-menu mw-portlet mw-portlet-tb" > <div class="vector-menu-heading"> General </div> <div class="vector-menu-content"> <ul class="vector-menu-content-list"> <li id="t-whatlinkshere" class="mw-list-item"><a href="/wiki/Special:WhatLinksHere/Tokenization_(data_security)" title="List of all English Wikipedia pages containing links to this page [j]" accesskey="j"><span>What links here</span></a></li><li id="t-recentchangeslinked" class="mw-list-item"><a href="/wiki/Special:RecentChangesLinked/Tokenization_(data_security)" rel="nofollow" title="Recent changes in pages linked from this page [k]" accesskey="k"><span>Related changes</span></a></li><li id="t-upload" class="mw-list-item"><a href="//en.wikipedia.org/wiki/Wikipedia:File_Upload_Wizard" title="Upload files [u]" accesskey="u"><span>Upload file</span></a></li><li id="t-specialpages" class="mw-list-item"><a href="/wiki/Special:SpecialPages" title="A list of all special pages [q]" accesskey="q"><span>Special pages</span></a></li><li id="t-permalink" class="mw-list-item"><a href="/w/index.php?title=Tokenization_(data_security)&oldid=1253881566" title="Permanent link to this revision of this page"><span>Permanent link</span></a></li><li id="t-info" class="mw-list-item"><a href="/w/index.php?title=Tokenization_(data_security)&action=info" title="More information about this page"><span>Page information</span></a></li><li id="t-cite" class="mw-list-item"><a href="/w/index.php?title=Special:CiteThisPage&page=Tokenization_%28data_security%29&id=1253881566&wpFormIdentifier=titleform" title="Information on how to cite this page"><span>Cite this page</span></a></li><li id="t-urlshortener" class="mw-list-item"><a href="/w/index.php?title=Special:UrlShortener&url=https%3A%2F%2Fen.wikipedia.org%2Fwiki%2FTokenization_%28data_security%29"><span>Get shortened URL</span></a></li><li id="t-urlshortener-qrcode" class="mw-list-item"><a href="/w/index.php?title=Special:QrCode&url=https%3A%2F%2Fen.wikipedia.org%2Fwiki%2FTokenization_%28data_security%29"><span>Download QR code</span></a></li> </ul> </div> </div> <div id="p-coll-print_export" class="vector-menu mw-portlet mw-portlet-coll-print_export" > <div class="vector-menu-heading"> Print/export </div> <div class="vector-menu-content"> <ul class="vector-menu-content-list"> <li id="coll-download-as-rl" class="mw-list-item"><a href="/w/index.php?title=Special:DownloadAsPdf&page=Tokenization_%28data_security%29&action=show-download-screen" title="Download this page as a PDF file"><span>Download as PDF</span></a></li><li id="t-print" class="mw-list-item"><a href="/w/index.php?title=Tokenization_(data_security)&printable=yes" title="Printable version of this page [p]" accesskey="p"><span>Printable version</span></a></li> </ul> </div> </div> <div id="p-wikibase-otherprojects" class="vector-menu mw-portlet mw-portlet-wikibase-otherprojects" > <div class="vector-menu-heading"> In other projects </div> <div class="vector-menu-content"> <ul class="vector-menu-content-list"> <li id="t-wikibase" class="wb-otherproject-link wb-otherproject-wikibase-dataitem mw-list-item"><a href="https://www.wikidata.org/wiki/Special:EntityPage/Q17086007" title="Structured data on this page hosted by Wikidata [g]" accesskey="g"><span>Wikidata item</span></a></li> </ul> </div> </div> </div> </div> </div> </div> </nav> </div> </div> </div> <div class="vector-column-end"> <div class="vector-sticky-pinned-container"> <nav class="vector-page-tools-landmark" aria-label="Page tools"> <div id="vector-page-tools-pinned-container" class="vector-pinned-container"> </div> </nav> <nav class="vector-appearance-landmark" aria-label="Appearance"> <div id="vector-appearance-pinned-container" class="vector-pinned-container"> <div id="vector-appearance" class="vector-appearance vector-pinnable-element"> <div class="vector-pinnable-header vector-appearance-pinnable-header vector-pinnable-header-pinned" data-feature-name="appearance-pinned" data-pinnable-element-id="vector-appearance" data-pinned-container-id="vector-appearance-pinned-container" data-unpinned-container-id="vector-appearance-unpinned-container" > <div class="vector-pinnable-header-label">Appearance</div> <button class="vector-pinnable-header-toggle-button vector-pinnable-header-pin-button" data-event-name="pinnable-header.vector-appearance.pin">move to sidebar</button> <button class="vector-pinnable-header-toggle-button vector-pinnable-header-unpin-button" data-event-name="pinnable-header.vector-appearance.unpin">hide</button> </div> </div> </div> </nav> </div> </div> <div id="bodyContent" class="vector-body" aria-labelledby="firstHeading" data-mw-ve-target-container> <div class="vector-body-before-content"> <div class="mw-indicators"> </div> <div id="siteSub" class="noprint">From Wikipedia, the free encyclopedia</div> </div> <div id="contentSub"><div id="mw-content-subtitle"></div></div> <div id="mw-content-text" class="mw-body-content"><div class="mw-content-ltr mw-parser-output" lang="en" dir="ltr"><div class="shortdescription nomobile noexcerpt noprint searchaux" style="display:none">Concept in data security</div> <style data-mw-deduplicate="TemplateStyles:r1236090951">.mw-parser-output .hatnote{font-style:italic}.mw-parser-output div.hatnote{padding-left:1.6em;margin-bottom:0.5em}.mw-parser-output .hatnote i{font-style:normal}.mw-parser-output .hatnote+link+.hatnote{margin-top:-0.5em}@media print{body.ns-0 .mw-parser-output .hatnote{display:none!important}}</style><div role="note" class="hatnote navigation-not-searchable">Not to be confused with <a href="/wiki/Tokenization_(lexical_analysis)" class="mw-redirect" title="Tokenization (lexical analysis)">tokenization (lexical analysis)</a>.</div> <figure typeof="mw:File/Thumb"><a href="/wiki/File:How_mobile_payment_tokenization_works.png" class="mw-file-description"><img src="//upload.wikimedia.org/wikipedia/commons/thumb/3/3e/How_mobile_payment_tokenization_works.png/480px-How_mobile_payment_tokenization_works.png" decoding="async" width="480" height="190" class="mw-file-element" srcset="//upload.wikimedia.org/wikipedia/commons/thumb/3/3e/How_mobile_payment_tokenization_works.png/720px-How_mobile_payment_tokenization_works.png 1.5x, //upload.wikimedia.org/wikipedia/commons/thumb/3/3e/How_mobile_payment_tokenization_works.png/960px-How_mobile_payment_tokenization_works.png 2x" data-file-width="2236" data-file-height="884" /></a><figcaption>This is a simplified example of how <a href="/wiki/Mobile_payment" title="Mobile payment">mobile payment</a> tokenization commonly works via a mobile phone application with a <a href="/wiki/Credit_card" title="Credit card">credit card</a>.<sup id="cite_ref-1" class="reference"><a href="#cite_note-1"><span class="cite-bracket">[</span>1<span class="cite-bracket">]</span></a></sup><sup id="cite_ref-2" class="reference"><a href="#cite_note-2"><span class="cite-bracket">[</span>2<span class="cite-bracket">]</span></a></sup> Methods other than fingerprint scanning or PIN-numbers can be used at a <a href="/wiki/Payment_terminal" title="Payment terminal">payment terminal</a>.</figcaption></figure> <p><b>Tokenization</b>, when applied to data security, is the process of substituting a sensitive <a href="/wiki/Data_element" title="Data element">data element</a> with a non-sensitive equivalent, referred to as a <a href="/wiki/Security_token" title="Security token">token</a>, that has no intrinsic or exploitable meaning or value. The token is a reference (i.e. identifier) that maps back to the sensitive data through a tokenization system. The mapping from original data to a token uses methods that render tokens infeasible to reverse in the absence of the tokenization system, for example using tokens created from <a href="/wiki/Random_number_generation" title="Random number generation">random numbers</a>.<sup id="cite_ref-3" class="reference"><a href="#cite_note-3"><span class="cite-bracket">[</span>3<span class="cite-bracket">]</span></a></sup> A one-way cryptographic function is used to convert the original data into tokens, making it difficult to recreate the original data without obtaining entry to the tokenization system's resources.<sup id="cite_ref-:0_4-0" class="reference"><a href="#cite_note-:0-4"><span class="cite-bracket">[</span>4<span class="cite-bracket">]</span></a></sup> To deliver such services, the system maintains a vault database of tokens that are connected to the corresponding sensitive data. Protecting the system vault is vital to the system, and improved processes must be put in place to offer database integrity and physical security.<sup id="cite_ref-5" class="reference"><a href="#cite_note-5"><span class="cite-bracket">[</span>5<span class="cite-bracket">]</span></a></sup> </p><p>The tokenization system must be secured and validated using security best practices<sup id="cite_ref-6" class="reference"><a href="#cite_note-6"><span class="cite-bracket">[</span>6<span class="cite-bracket">]</span></a></sup> applicable to sensitive data protection, secure storage, audit, authentication and authorization. The tokenization system provides data processing applications with the authority and interfaces to request tokens, or detokenize back to sensitive data. </p><p>The security and risk reduction benefits of tokenization require that the tokenization system is logically isolated and segmented from data processing systems and applications that previously processed or stored sensitive data replaced by tokens. Only the tokenization system can tokenize data to create tokens, or detokenize back to redeem sensitive data under strict security controls. The token generation method must be proven to have the property that there is no feasible means through direct attack, <a href="/wiki/Cryptanalysis" title="Cryptanalysis">cryptanalysis</a>, side channel analysis, token mapping table exposure or brute force techniques to reverse tokens back to live data. </p><p>Replacing live data with tokens in systems is intended to minimize exposure of sensitive data to those applications, stores, people and processes, reducing risk of compromise or accidental exposure and unauthorized access to sensitive data. Applications can operate using tokens instead of live data, with the exception of a small number of trusted applications explicitly permitted to detokenize when strictly necessary for an approved business purpose. Tokenization systems may be operated in-house within a secure isolated segment of the data center, or as a service from a secure service provider. </p><p>Tokenization may be used to safeguard sensitive data involving, for example, <a href="/wiki/Bank_account" title="Bank account">bank accounts</a>, <a href="/wiki/Financial_statement" title="Financial statement">financial statements</a>, <a href="/wiki/Medical_record" title="Medical record">medical records</a>, <a href="/wiki/Criminal_record" title="Criminal record">criminal records</a>, <a href="/wiki/Driver%27s_license" title="Driver's license">driver's licenses</a>, <a href="/wiki/Loan" title="Loan">loan</a> applications, stock <a href="/wiki/Trade_(financial_instrument)" class="mw-redirect" title="Trade (financial instrument)">trades</a>, <a href="/wiki/Voter_registration" title="Voter registration">voter registrations</a>, and other types of <a href="/wiki/Personally_identifiable_information" class="mw-redirect" title="Personally identifiable information">personally identifiable information</a> (PII). Tokenization is often used in credit card processing. The <a href="/wiki/Payment_Card_Industry_Data_Security_Standard" title="Payment Card Industry Data Security Standard">PCI Council</a> defines tokenization as "a process by which the <a href="/wiki/Primary_account_number" class="mw-redirect" title="Primary account number">primary account number</a> (PAN) is replaced with a surrogate value called a token. A PAN may be linked to a reference number through the tokenization process. In this case, the merchant simply has to retain the token and a reliable third party controls the relationship and holds the PAN. The token may be created independently of the PAN, or the PAN can be used as part of the data input to the tokenization technique. The communication between the merchant and the third-party supplier must be secure to prevent an attacker from intercepting to gain the PAN and the token.<sup id="cite_ref-7" class="reference"><a href="#cite_note-7"><span class="cite-bracket">[</span>7<span class="cite-bracket">]</span></a></sup> </p><p>De-tokenization<sup id="cite_ref-8" class="reference"><a href="#cite_note-8"><span class="cite-bracket">[</span>8<span class="cite-bracket">]</span></a></sup> is the reverse process of redeeming a token for its associated PAN value. The security of an individual token relies predominantly on the infeasibility of determining the original PAN knowing only the surrogate value".<sup id="cite_ref-9" class="reference"><a href="#cite_note-9"><span class="cite-bracket">[</span>9<span class="cite-bracket">]</span></a></sup> The choice of tokenization as an alternative to other techniques such as <a href="/wiki/Encryption" title="Encryption">encryption</a> will depend on varying regulatory requirements, interpretation, and acceptance by respective auditing or assessment entities. This is in addition to any technical, architectural or operational constraint that tokenization imposes in practical use. </p> <meta property="mw:PageProp/toc" /> <div class="mw-heading mw-heading2"><h2 id="Concepts_and_origins">Concepts and origins</h2><span class="mw-editsection"><span class="mw-editsection-bracket">[</span><a href="/w/index.php?title=Tokenization_(data_security)&action=edit&section=1" title="Edit section: Concepts and origins"><span>edit</span></a><span class="mw-editsection-bracket">]</span></span></div> <p>The concept of tokenization, as adopted by the industry today, has existed since the first <a href="/wiki/Currency" title="Currency">currency</a> systems emerged centuries ago as a means to reduce risk in handling high value <a href="/wiki/Financial_instrument" title="Financial instrument">financial instruments</a> by replacing them with surrogate equivalents.<sup id="cite_ref-10" class="reference"><a href="#cite_note-10"><span class="cite-bracket">[</span>10<span class="cite-bracket">]</span></a></sup><sup id="cite_ref-11" class="reference"><a href="#cite_note-11"><span class="cite-bracket">[</span>11<span class="cite-bracket">]</span></a></sup><sup id="cite_ref-12" class="reference"><a href="#cite_note-12"><span class="cite-bracket">[</span>12<span class="cite-bracket">]</span></a></sup> In the physical world, <a href="/wiki/Token_coin" title="Token coin">coin tokens</a> have a long history of use replacing the financial instrument of <a href="/wiki/Mint_(coin)" class="mw-redirect" title="Mint (coin)">minted coins</a> and <a href="/wiki/Banknote" title="Banknote">banknotes</a>. In more recent history, subway tokens and casino chips found adoption for their respective systems to replace physical currency and cash handling risks such as theft. <a href="/wiki/Exonumia" title="Exonumia">Exonumia</a> and <a href="/wiki/Scrip" title="Scrip">scrip</a> are terms synonymous with such tokens. </p><p>In the digital world, similar substitution techniques have been used since the 1970s as a means to isolate real data elements from exposure to other data systems. In databases for example, <a href="/wiki/Surrogate_key" title="Surrogate key">surrogate key</a> values have been used since 1976 to isolate data associated with the internal mechanisms of databases and their external equivalents for a variety of uses in data processing.<sup id="cite_ref-13" class="reference"><a href="#cite_note-13"><span class="cite-bracket">[</span>13<span class="cite-bracket">]</span></a></sup><sup id="cite_ref-14" class="reference"><a href="#cite_note-14"><span class="cite-bracket">[</span>14<span class="cite-bracket">]</span></a></sup> More recently, these concepts have been extended to consider this isolation tactic to provide a security mechanism for the purposes of data protection. </p><p>In the <a href="/wiki/Payment_card" title="Payment card">payment card</a> industry, tokenization is one means of protecting sensitive cardholder data in order to comply with industry standards and government regulations.<sup id="cite_ref-15" class="reference"><a href="#cite_note-15"><span class="cite-bracket">[</span>15<span class="cite-bracket">]</span></a></sup> </p><p>Tokenization was applied to payment card data by <a href="/wiki/Shift4_Payments" class="mw-redirect" title="Shift4 Payments">Shift4 Corporation</a><sup id="cite_ref-16" class="reference"><a href="#cite_note-16"><span class="cite-bracket">[</span>16<span class="cite-bracket">]</span></a></sup> and released to the public during an industry Security Summit in <a href="/wiki/Las_Vegas_Valley" title="Las Vegas Valley">Las Vegas</a>, <a href="/wiki/Nevada" title="Nevada">Nevada</a> in 2005.<sup id="cite_ref-17" class="reference"><a href="#cite_note-17"><span class="cite-bracket">[</span>17<span class="cite-bracket">]</span></a></sup> The technology is meant to prevent the theft of the credit card information in storage. Shift4 defines tokenization as: “The concept of using a non-decryptable piece of data to represent, by reference, sensitive or secret data. In <a href="/wiki/Payment_card_industry" title="Payment card industry">payment card industry</a> (PCI) context, tokens are used to reference cardholder data that is managed in a tokenization system, application or off-site secure facility.”<sup id="cite_ref-18" class="reference"><a href="#cite_note-18"><span class="cite-bracket">[</span>18<span class="cite-bracket">]</span></a></sup> </p><p>To protect data over its full lifecycle, tokenization is often combined with <a href="/wiki/End-to-end_encryption" title="End-to-end encryption">end-to-end encryption</a> to secure <a href="/wiki/Data_in_transit" title="Data in transit">data in transit</a> to the tokenization system or service, with a token replacing the original data on return. For example, to avoid the risks of <a href="/wiki/Malware" title="Malware">malware</a> stealing data from low-trust systems such as <a href="/wiki/Point_of_sale" title="Point of sale">point of sale</a> (POS) systems, as in the <a rel="nofollow" class="external text" href="http://www.securityweek.com/experts-debate-how-hackers-stole-40-million-card-numbers-target">Target breach of 2013</a>, cardholder data encryption must take place prior to card data entering the POS and not after. Encryption takes place within the confines of a security hardened and validated card reading device and data remains encrypted until received by the processing host, an approach pioneered by <a href="/wiki/Heartland_Payment_Systems" title="Heartland Payment Systems">Heartland Payment Systems</a><sup id="cite_ref-19" class="reference"><a href="#cite_note-19"><span class="cite-bracket">[</span>19<span class="cite-bracket">]</span></a></sup> as a means to secure payment data from advanced threats, now widely adopted by industry payment processing companies and technology companies.<sup id="cite_ref-20" class="reference"><a href="#cite_note-20"><span class="cite-bracket">[</span>20<span class="cite-bracket">]</span></a></sup> The PCI Council has also specified end-to-end encryption (certified point-to-point encryption—P2PE) for various service implementations in various <a rel="nofollow" class="external text" href="https://www.pcisecuritystandards.org/security_standards/documents.php">PCI Council Point-to-point Encryption</a> documents. </p> <div class="mw-heading mw-heading2"><h2 id="The_tokenization_process">The tokenization process</h2><span class="mw-editsection"><span class="mw-editsection-bracket">[</span><a href="/w/index.php?title=Tokenization_(data_security)&action=edit&section=2" title="Edit section: The tokenization process"><span>edit</span></a><span class="mw-editsection-bracket">]</span></span></div> <p>The process of tokenization consists of the following steps: </p> <ul><li>The application sends the tokenization data and authentication information to the tokenization system. It is stopped if authentication fails and the data is delivered to an event management system. As a result, administrators can discover problems and effectively manage the system. The system moves on to the next phase if authentication is successful.</li> <li>Using one-way cryptographic techniques, a token is generated and kept in a highly secure data vault.</li> <li>The new token is provided to the application for further use.<sup id="cite_ref-21" class="reference"><a href="#cite_note-21"><span class="cite-bracket">[</span>21<span class="cite-bracket">]</span></a></sup></li></ul> <p>Tokenization systems share several components according to established standards. </p> <ol><li>Token Generation is the process of producing a token using any means, such as mathematically reversible cryptographic functions based on strong encryption algorithms and key management mechanisms, one-way nonreversible cryptographic functions (e.g., a hash function with strong, secret salt), or assignment via a randomly generated number. Random Number Generator (RNG) techniques are often the best choice for generating token values.</li> <li>Token Mapping – this is the process of assigning the created token value to its original value. To enable permitted look-ups of the original value using the token as the index, a secure cross-reference database must be constructed.</li> <li>Token Data Store – this is a central repository for the Token Mapping process that holds the original values as well as the related token values after the Token Generation process. On data servers, sensitive data and token values must be securely kept in encrypted format.</li> <li>Encrypted Data Storage – this is the encryption of sensitive data while it is in transit.</li> <li>Management of Cryptographic Keys. Strong key management procedures are required for sensitive <a href="/wiki/Data_encryption" class="mw-redirect" title="Data encryption">data encryption</a> on Token Data Stores.<sup id="cite_ref-:1_22-0" class="reference"><a href="#cite_note-:1-22"><span class="cite-bracket">[</span>22<span class="cite-bracket">]</span></a></sup></li></ol> <div class="mw-heading mw-heading2"><h2 id="Difference_from_encryption">Difference from encryption</h2><span class="mw-editsection"><span class="mw-editsection-bracket">[</span><a href="/w/index.php?title=Tokenization_(data_security)&action=edit&section=3" title="Edit section: Difference from encryption"><span>edit</span></a><span class="mw-editsection-bracket">]</span></span></div> <p>Tokenization and “classic” <a href="/wiki/Encryption" title="Encryption">encryption</a> effectively protect data if implemented properly, and a computer security system may use both. While similar in certain regards, tokenization and classic encryption differ in a few key aspects. Both are <a href="/wiki/Cryptography" title="Cryptography">cryptographic</a> data security methods and they essentially have the same function, however they do so with differing processes and have different effects on the data they are protecting. </p><p>Tokenization is a non-mathematical approach that replaces <a href="/wiki/Sensitive_data" class="mw-redirect" title="Sensitive data">sensitive data</a> with non-sensitive substitutes without altering the type or length of data. This is an important distinction from encryption because changes in data length and type can render information unreadable in intermediate systems such as databases. Tokenized data can still be processed by legacy systems which makes tokenization more flexible than classic encryption. </p><p>In many situations, the encryption process is a constant consumer of processing power, hence such a system needs significant expenditures in specialized hardware and software.<sup id="cite_ref-:0_4-1" class="reference"><a href="#cite_note-:0-4"><span class="cite-bracket">[</span>4<span class="cite-bracket">]</span></a></sup> </p><p>Another difference is that tokens require significantly less computational resources to process. With tokenization, specific data is kept fully or partially visible for processing and analytics while sensitive information is kept hidden. This allows tokenized data to be processed more quickly and reduces the strain on system resources. This can be a key advantage in systems that rely on high performance. </p><p>In comparison to encryption, tokenization technologies reduce time, expense, and administrative effort while enabling teamwork and communication.<sup id="cite_ref-:0_4-2" class="reference"><a href="#cite_note-:0-4"><span class="cite-bracket">[</span>4<span class="cite-bracket">]</span></a></sup> </p> <div class="mw-heading mw-heading2"><h2 id="Types_of_tokens">Types of tokens</h2><span class="mw-editsection"><span class="mw-editsection-bracket">[</span><a href="/w/index.php?title=Tokenization_(data_security)&action=edit&section=4" title="Edit section: Types of tokens"><span>edit</span></a><span class="mw-editsection-bracket">]</span></span></div> <p>There are many ways that tokens can be classified however there is currently no unified classification. Tokens can be: single or multi-use, <a href="/wiki/Cryptography" title="Cryptography">cryptographic</a> or non-cryptographic, reversible or irreversible, authenticable or non-authenticable, and various combinations thereof. </p><p>In the context of payments, the difference between high and low value tokens plays a significant role. </p> <div class="mw-heading mw-heading3"><h3 id="High-value_tokens_(HVTs)"><span id="High-value_tokens_.28HVTs.29"></span>High-value tokens (HVTs)</h3><span class="mw-editsection"><span class="mw-editsection-bracket">[</span><a href="/w/index.php?title=Tokenization_(data_security)&action=edit&section=5" title="Edit section: High-value tokens (HVTs)"><span>edit</span></a><span class="mw-editsection-bracket">]</span></span></div> <p>HVTs serve as surrogates for actual <a href="/wiki/Payment_card_number" title="Payment card number">PANs</a> in payment transactions and are used as an instrument for completing a payment transaction. In order to function, they must look like actual PANs. Multiple HVTs can map back to a single PAN and a single physical credit card without the owner being aware of it. Additionally, HVTs can be limited to certain networks and/or merchants whereas PANs cannot. </p><p>HVTs can also be bound to specific devices so that anomalies between token use, physical devices, and geographic locations can be flagged as potentially fraudulent. HVT blocking enhances efficiency by reducing computational costs while maintaining accuracy and reducing record linkage as it reduces the number of records that are compared.<sup id="cite_ref-23" class="reference"><a href="#cite_note-23"><span class="cite-bracket">[</span>23<span class="cite-bracket">]</span></a></sup> </p> <div class="mw-heading mw-heading3"><h3 id="Low-value_tokens_(LVTs)_or_security_tokens"><span id="Low-value_tokens_.28LVTs.29_or_security_tokens"></span>Low-value tokens (LVTs) or security tokens</h3><span class="mw-editsection"><span class="mw-editsection-bracket">[</span><a href="/w/index.php?title=Tokenization_(data_security)&action=edit&section=6" title="Edit section: Low-value tokens (LVTs) or security tokens"><span>edit</span></a><span class="mw-editsection-bracket">]</span></span></div> <p>LVTs also act as surrogates for actual PANs in payment transactions, however they serve a different purpose. LVTs cannot be used by themselves to complete a payment transaction. In order for an LVT to function, it must be possible to match it back to the actual PAN it represents, albeit only in a tightly controlled fashion. Using tokens to protect PANs becomes ineffectual if a tokenization system is breached, therefore securing the tokenization system itself is extremely important. </p> <div class="mw-heading mw-heading2"><h2 id="System_operations,_limitations_and_evolution"><span id="System_operations.2C_limitations_and_evolution"></span>System operations, limitations and evolution</h2><span class="mw-editsection"><span class="mw-editsection-bracket">[</span><a href="/w/index.php?title=Tokenization_(data_security)&action=edit&section=7" title="Edit section: System operations, limitations and evolution"><span>edit</span></a><span class="mw-editsection-bracket">]</span></span></div> <p>First generation tokenization systems use a database to map from live data to surrogate substitute tokens and back. This requires the storage, management, and continuous backup for every new transaction added to the token database to avoid data loss. Another problem is ensuring consistency across data centers, requiring continuous synchronization of token databases. Significant consistency, availability and performance trade-offs, per the <a href="/wiki/CAP_theorem" title="CAP theorem">CAP theorem</a>, are unavoidable with this approach. This overhead adds complexity to real-time transaction processing to avoid data loss and to assure data integrity across data centers, and also limits scale. Storing all sensitive data in one service creates an attractive target for attack and compromise, and introduces privacy and legal risk in the aggregation of data <a href="/wiki/Internet_privacy" title="Internet privacy">Internet privacy</a>, particularly <a href="/wiki/Data_Protection_Directive" title="Data Protection Directive">in the EU</a>. </p><p>Another limitation of tokenization technologies is measuring the level of security for a given solution through independent validation. With the lack of standards, the latter is critical to establish the strength of tokenization offered when tokens are used for regulatory compliance. The <a href="/wiki/Payment_Card_Industry_Security_Standards_Council" title="Payment Card Industry Security Standards Council">PCI Council</a> recommends independent vetting and validation of any claims of security and compliance: "Merchants considering the use of tokenization should perform a thorough evaluation and risk analysis to identify and document the unique characteristics of their particular implementation, including all interactions with payment card data and the particular tokenization systems and processes"<sup id="cite_ref-24" class="reference"><a href="#cite_note-24"><span class="cite-bracket">[</span>24<span class="cite-bracket">]</span></a></sup> </p><p>The method of generating tokens may also have limitations from a security perspective. With concerns about security and attacks to <a href="/wiki/Random_number_generator_attack" title="Random number generator attack">random number generators</a>, which are a common choice for the generation of tokens and token mapping tables, scrutiny must be applied to ensure proven and validated methods are used versus arbitrary design.<sup id="cite_ref-25" class="reference"><a href="#cite_note-25"><span class="cite-bracket">[</span>25<span class="cite-bracket">]</span></a></sup><sup id="cite_ref-26" class="reference"><a href="#cite_note-26"><span class="cite-bracket">[</span>26<span class="cite-bracket">]</span></a></sup> <a href="/wiki/Cryptographically_secure_pseudorandom_number_generator" title="Cryptographically secure pseudorandom number generator">Random-number generators</a> have limitations in terms of speed, entropy, seeding and bias, and security properties must be carefully analysed and measured to avoid predictability and compromise. </p><p>With tokenization's increasing adoption, new tokenization technology approaches have emerged to remove such operational risks and complexities and to enable increased scale suited to emerging <a href="/wiki/Big_data" title="Big data">big data</a> use cases and high performance transaction processing, especially in financial services and banking.<sup id="cite_ref-27" class="reference"><a href="#cite_note-27"><span class="cite-bracket">[</span>27<span class="cite-bracket">]</span></a></sup> In addition to conventional tokenization methods, Protegrity provides additional security through its so-called "obfuscation layer." This creates a barrier that prevents not only regular users from accessing information they wouldn't see but also privileged users who has access, such as database administrators.<sup id="cite_ref-28" class="reference"><a href="#cite_note-28"><span class="cite-bracket">[</span>28<span class="cite-bracket">]</span></a></sup> </p><p>Stateless tokenization allows live data elements to be mapped to surrogate values randomly, without relying on a database, while maintaining the isolation properties of tokenization. </p><p>November 2014, <a href="/wiki/American_Express" title="American Express">American Express</a> released its token service which meets the <a href="/wiki/EMV" title="EMV">EMV</a> tokenization standard.<sup id="cite_ref-29" class="reference"><a href="#cite_note-29"><span class="cite-bracket">[</span>29<span class="cite-bracket">]</span></a></sup> Other notable examples of Tokenization-based payment systems, according to the EMVCo standard, include <a href="/wiki/Google_Wallet" title="Google Wallet">Google Wallet</a>, <a href="/wiki/Apple_Pay" title="Apple Pay">Apple Pay</a>,<sup id="cite_ref-30" class="reference"><a href="#cite_note-30"><span class="cite-bracket">[</span>30<span class="cite-bracket">]</span></a></sup> <a href="/wiki/Samsung_Pay" title="Samsung Pay">Samsung Pay</a>, <a href="/wiki/Microsoft_Wallet" class="mw-redirect" title="Microsoft Wallet">Microsoft Wallet</a>, <a href="/wiki/Fitbit_Pay" class="mw-redirect" title="Fitbit Pay">Fitbit Pay</a> and <a href="/wiki/Garmin_Pay" class="mw-redirect" title="Garmin Pay">Garmin Pay</a>. <a href="/wiki/Visa_Inc." title="Visa Inc.">Visa</a> uses tokenization techniques to provide a secure online and mobile shopping.<sup id="cite_ref-31" class="reference"><a href="#cite_note-31"><span class="cite-bracket">[</span>31<span class="cite-bracket">]</span></a></sup> </p><p>Using blockchain, as opposed to relying on trusted third parties, it is possible to run highly accessible, tamper-resistant databases for transactions.<sup id="cite_ref-32" class="reference"><a href="#cite_note-32"><span class="cite-bracket">[</span>32<span class="cite-bracket">]</span></a></sup><sup id="cite_ref-33" class="reference"><a href="#cite_note-33"><span class="cite-bracket">[</span>33<span class="cite-bracket">]</span></a></sup> With help of blockchain, tokenization is the process of converting the value of a tangible or intangible asset into a token that can be exchanged on the network. </p><p>This enables the tokenization of conventional financial assets, for instance, by transforming rights into a digital token backed by the asset itself using blockchain technology.<sup id="cite_ref-:2_34-0" class="reference"><a href="#cite_note-:2-34"><span class="cite-bracket">[</span>34<span class="cite-bracket">]</span></a></sup> Besides that, tokenization enables the simple and efficient compartmentalization and management of data across multiple users. Individual tokens created through tokenization can be used to split ownership and partially resell an asset.<sup id="cite_ref-35" class="reference"><a href="#cite_note-35"><span class="cite-bracket">[</span>35<span class="cite-bracket">]</span></a></sup><sup id="cite_ref-36" class="reference"><a href="#cite_note-36"><span class="cite-bracket">[</span>36<span class="cite-bracket">]</span></a></sup> Consequently, only entities with the appropriate token can access the data.<sup id="cite_ref-:2_34-1" class="reference"><a href="#cite_note-:2-34"><span class="cite-bracket">[</span>34<span class="cite-bracket">]</span></a></sup> </p><p>Numerous <a href="/wiki/Blockchain" title="Blockchain">blockchain</a> companies support asset tokenization. In 2019, <a href="/wiki/EToro" title="EToro">eToro</a> acquired Firmo and renamed as eToroX. Through its Token Management Suite, which is backed by USD-pegged stablecoins, eToroX enables asset tokenization.<sup id="cite_ref-37" class="reference"><a href="#cite_note-37"><span class="cite-bracket">[</span>37<span class="cite-bracket">]</span></a></sup><sup id="cite_ref-38" class="reference"><a href="#cite_note-38"><span class="cite-bracket">[</span>38<span class="cite-bracket">]</span></a></sup> </p><p>The tokenization of equity is facilitated by STOKR, a platform that links investors with small and medium-sized businesses. Tokens issued through the STOKR platform are legally recognized as transferable securities under European Union capital market regulations.<sup id="cite_ref-:3_39-0" class="reference"><a href="#cite_note-:3-39"><span class="cite-bracket">[</span>39<span class="cite-bracket">]</span></a></sup> </p><p>Breakers enable tokenization of intellectual property, allowing content creators to issue their own digital tokens. Tokens can be distributed to a variety of project participants. Without intermediaries or governing body, content creators can integrate reward-sharing features into the token.<sup id="cite_ref-:3_39-1" class="reference"><a href="#cite_note-:3-39"><span class="cite-bracket">[</span>39<span class="cite-bracket">]</span></a></sup> </p> <div class="mw-heading mw-heading2"><h2 id="Application_to_alternative_payment_systems">Application to alternative payment systems</h2><span class="mw-editsection"><span class="mw-editsection-bracket">[</span><a href="/w/index.php?title=Tokenization_(data_security)&action=edit&section=8" title="Edit section: Application to alternative payment systems"><span>edit</span></a><span class="mw-editsection-bracket">]</span></span></div> <p>Building an alternate payments system requires a number of entities working together in order to deliver <a href="/w/index.php?title=Near_field-communication&action=edit&redlink=1" class="new" title="Near field-communication (page does not exist)">near field-communication</a> (NFC) or other technology based payment services to the end users. One of the issues is the interoperability between the players and to resolve this issue the role of trusted service manager (TSM) is proposed to establish a technical link between <a href="/wiki/Mobile_network_operator" title="Mobile network operator">mobile network operators</a> (MNO) and providers of services, so that these entities can work together. Tokenization can play a role in mediating such services. </p><p>Tokenization as a security strategy lies in the ability to replace a real card number with a surrogate (target removal) and the subsequent limitations placed on the surrogate card number (risk reduction). If the surrogate value can be used in an unlimited fashion or even in a broadly applicable manner, the token value gains as much value as the real credit card number. In these cases, the token may be secured by a second dynamic token that is unique for each transaction and also associated to a specific payment card. Example of dynamic, transaction-specific tokens include cryptograms used in the <a href="/wiki/EMV" title="EMV">EMV</a> specification. </p> <div class="mw-heading mw-heading2"><h2 id="Application_to_PCI_DSS_standards">Application to PCI DSS standards</h2><span class="mw-editsection"><span class="mw-editsection-bracket">[</span><a href="/w/index.php?title=Tokenization_(data_security)&action=edit&section=9" title="Edit section: Application to PCI DSS standards"><span>edit</span></a><span class="mw-editsection-bracket">]</span></span></div> <p>The <a href="/wiki/Payment_Card_Industry_Data_Security_Standard" title="Payment Card Industry Data Security Standard">Payment Card Industry Data Security Standard</a>, an industry-wide set of guidelines that must be met by any organization that stores, processes, or transmits cardholder data, mandates that credit card data must be protected when stored.<sup id="cite_ref-40" class="reference"><a href="#cite_note-40"><span class="cite-bracket">[</span>40<span class="cite-bracket">]</span></a></sup> Tokenization, as applied to payment card data, is often implemented to meet this mandate, replacing credit card and ACH numbers in some systems with a random value or string of characters.<sup id="cite_ref-41" class="reference"><a href="#cite_note-41"><span class="cite-bracket">[</span>41<span class="cite-bracket">]</span></a></sup> Tokens can be formatted in a variety of ways.<sup id="cite_ref-42" class="reference"><a href="#cite_note-42"><span class="cite-bracket">[</span>42<span class="cite-bracket">]</span></a></sup> Some token service providers or tokenization products generate the surrogate values in such a way as to match the format of the original sensitive data. In the case of payment card data, a token might be the same length as a Primary Account Number (<a href="/wiki/Bank_card_number" class="mw-redirect" title="Bank card number">bank card number</a>) and contain elements of the original data such as the last four digits of the card number. When a payment card authorization request is made to verify the legitimacy of a transaction, a token might be returned to the merchant instead of the card number, along with the authorization code for the transaction. The token is stored in the receiving system while the actual cardholder data is mapped to the token in a secure tokenization system. Storage of tokens and payment card data must comply with current PCI standards, including the use of <a rel="nofollow" class="external text" href="https://www.pcisecuritystandards.org/security_standards/glossary.php#S">strong cryptography</a>.<sup id="cite_ref-43" class="reference"><a href="#cite_note-43"><span class="cite-bracket">[</span>43<span class="cite-bracket">]</span></a></sup> </p> <div class="mw-heading mw-heading2"><h2 id="Standards_(ANSI,_the_PCI_Council,_Visa,_and_EMV)"><span id="Standards_.28ANSI.2C_the_PCI_Council.2C_Visa.2C_and_EMV.29"></span>Standards (ANSI, the PCI Council, Visa, and EMV)</h2><span class="mw-editsection"><span class="mw-editsection-bracket">[</span><a href="/w/index.php?title=Tokenization_(data_security)&action=edit&section=10" title="Edit section: Standards (ANSI, the PCI Council, Visa, and EMV)"><span>edit</span></a><span class="mw-editsection-bracket">]</span></span></div> <p>Tokenization is currently in standards definition in ANSI X9 as <a rel="nofollow" class="external text" href="http://x9.org/wp-content/uploads/2014/01/X9-Tokenization-Webinar-January-2014.pptx%20">X9.119 Part 2</a>. X9 is responsible for the industry standards for financial cryptography and data protection including payment card PIN management, credit and debit card encryption and related technologies and processes. The PCI Council has also stated support for tokenization in reducing risk in data breaches, when combined with other technologies such as Point-to-Point Encryption (P2PE) and assessments of compliance to PCI DSS guidelines.<sup id="cite_ref-44" class="reference"><a href="#cite_note-44"><span class="cite-bracket">[</span>44<span class="cite-bracket">]</span></a></sup> Visa Inc. released Visa Tokenization Best Practices<sup id="cite_ref-45" class="reference"><a href="#cite_note-45"><span class="cite-bracket">[</span>45<span class="cite-bracket">]</span></a></sup> for tokenization uses in credit and debit card handling applications and services. In March 2014, <a rel="nofollow" class="external text" href="http://www.emvco.org">EMVCo LLC</a> released its first payment tokenization specification for <a href="/wiki/EMV" title="EMV">EMV</a>.<sup id="cite_ref-46" class="reference"><a href="#cite_note-46"><span class="cite-bracket">[</span>46<span class="cite-bracket">]</span></a></sup> PCI DSS is the most frequently utilized standard for Tokenization systems used by payment industry players.<sup id="cite_ref-:1_22-1" class="reference"><a href="#cite_note-:1-22"><span class="cite-bracket">[</span>22<span class="cite-bracket">]</span></a></sup> </p> <div class="mw-heading mw-heading2"><h2 id="Risk_reduction">Risk reduction</h2><span class="mw-editsection"><span class="mw-editsection-bracket">[</span><a href="/w/index.php?title=Tokenization_(data_security)&action=edit&section=11" title="Edit section: Risk reduction"><span>edit</span></a><span class="mw-editsection-bracket">]</span></span></div> <p>Tokenization can render it more difficult for attackers to gain access to sensitive data outside of the tokenization system or service. Implementation of tokenization may simplify the requirements of the <a href="/wiki/Payment_Card_Industry_Data_Security_Standard" title="Payment Card Industry Data Security Standard">PCI DSS</a>, as systems that no longer store or process sensitive data may have a reduction of applicable controls required by the PCI DSS guidelines. </p><p>As a security best practice,<sup id="cite_ref-47" class="reference"><a href="#cite_note-47"><span class="cite-bracket">[</span>47<span class="cite-bracket">]</span></a></sup> independent assessment and validation of any technologies used for data protection, including tokenization, must be in place to establish the security and strength of the method and implementation before any claims of privacy compliance, regulatory compliance, and data security can be made. This validation is particularly important in tokenization, as the tokens are shared externally in general use and thus exposed in high risk, low trust environments. The infeasibility of reversing a token or set of tokens to a live sensitive data must be established using industry accepted measurements and proofs by appropriate experts independent of the service or solution provider. </p> <div class="mw-heading mw-heading2"><h2 id="Restrictions_on_token_use">Restrictions on token use</h2><span class="mw-editsection"><span class="mw-editsection-bracket">[</span><a href="/w/index.php?title=Tokenization_(data_security)&action=edit&section=12" title="Edit section: Restrictions on token use"><span>edit</span></a><span class="mw-editsection-bracket">]</span></span></div> <p>Not all organizational data can be tokenized, and needs to be examined and filtered. </p><p>When databases are utilized on a large scale, they expand exponentially, causing the search process to take longer, restricting system performance, and increasing backup processes. A database that links sensitive information to tokens is called a vault. With the addition of new data, the vault's maintenance workload increases significantly. </p><p>For ensuring database consistency, token databases need to be continuously synchronized. </p><p>Apart from that, secure communication channels must be built between sensitive data and the vault so that data is not compromised on the way to or from storage.<sup id="cite_ref-:0_4-3" class="reference"><a href="#cite_note-:0-4"><span class="cite-bracket">[</span>4<span class="cite-bracket">]</span></a></sup> </p> <div class="mw-heading mw-heading2"><h2 id="See_also">See also</h2><span class="mw-editsection"><span class="mw-editsection-bracket">[</span><a href="/w/index.php?title=Tokenization_(data_security)&action=edit&section=13" title="Edit section: See also"><span>edit</span></a><span class="mw-editsection-bracket">]</span></span></div> <ul><li><a href="/wiki/Adaptive_Redaction" title="Adaptive Redaction">Adaptive Redaction</a></li> <li><a href="/wiki/PAN_truncation" title="PAN truncation">PAN truncation</a></li> <li><a href="/wiki/Format-preserving_encryption" title="Format-preserving encryption">Format preserving encryption</a></li></ul> <div class="mw-heading mw-heading2"><h2 id="References">References</h2><span class="mw-editsection"><span class="mw-editsection-bracket">[</span><a href="/w/index.php?title=Tokenization_(data_security)&action=edit&section=14" title="Edit section: References"><span>edit</span></a><span class="mw-editsection-bracket">]</span></span></div> <style data-mw-deduplicate="TemplateStyles:r1239543626">.mw-parser-output .reflist{margin-bottom:0.5em;list-style-type:decimal}@media screen{.mw-parser-output .reflist{font-size:90%}}.mw-parser-output .reflist .references{font-size:100%;margin-bottom:0;list-style-type:inherit}.mw-parser-output .reflist-columns-2{column-width:30em}.mw-parser-output .reflist-columns-3{column-width:25em}.mw-parser-output .reflist-columns{margin-top:0.3em}.mw-parser-output .reflist-columns ol{margin-top:0}.mw-parser-output .reflist-columns li{page-break-inside:avoid;break-inside:avoid-column}.mw-parser-output .reflist-upper-alpha{list-style-type:upper-alpha}.mw-parser-output .reflist-upper-roman{list-style-type:upper-roman}.mw-parser-output .reflist-lower-alpha{list-style-type:lower-alpha}.mw-parser-output .reflist-lower-greek{list-style-type:lower-greek}.mw-parser-output .reflist-lower-roman{list-style-type:lower-roman}</style><div class="reflist reflist-columns references-column-width reflist-columns-2"> <ol class="references"> <li id="cite_note-1"><span class="mw-cite-backlink"><b><a href="#cite_ref-1">^</a></b></span> <span class="reference-text"><style data-mw-deduplicate="TemplateStyles:r1238218222">.mw-parser-output cite.citation{font-style:inherit;word-wrap:break-word}.mw-parser-output .citation q{quotes:"\"""\"""'""'"}.mw-parser-output .citation:target{background-color:rgba(0,127,255,0.133)}.mw-parser-output .id-lock-free.id-lock-free a{background:url("//upload.wikimedia.org/wikipedia/commons/6/65/Lock-green.svg")right 0.1em center/9px no-repeat}.mw-parser-output .id-lock-limited.id-lock-limited a,.mw-parser-output .id-lock-registration.id-lock-registration a{background:url("//upload.wikimedia.org/wikipedia/commons/d/d6/Lock-gray-alt-2.svg")right 0.1em center/9px no-repeat}.mw-parser-output .id-lock-subscription.id-lock-subscription a{background:url("//upload.wikimedia.org/wikipedia/commons/a/aa/Lock-red-alt-2.svg")right 0.1em center/9px no-repeat}.mw-parser-output .cs1-ws-icon a{background:url("//upload.wikimedia.org/wikipedia/commons/4/4c/Wikisource-logo.svg")right 0.1em center/12px no-repeat}body:not(.skin-timeless):not(.skin-minerva) .mw-parser-output .id-lock-free a,body:not(.skin-timeless):not(.skin-minerva) .mw-parser-output .id-lock-limited a,body:not(.skin-timeless):not(.skin-minerva) .mw-parser-output .id-lock-registration a,body:not(.skin-timeless):not(.skin-minerva) .mw-parser-output .id-lock-subscription a,body:not(.skin-timeless):not(.skin-minerva) .mw-parser-output .cs1-ws-icon a{background-size:contain;padding:0 1em 0 0}.mw-parser-output .cs1-code{color:inherit;background:inherit;border:none;padding:inherit}.mw-parser-output .cs1-hidden-error{display:none;color:var(--color-error,#d33)}.mw-parser-output .cs1-visible-error{color:var(--color-error,#d33)}.mw-parser-output .cs1-maint{display:none;color:#085;margin-left:0.3em}.mw-parser-output .cs1-kern-left{padding-left:0.2em}.mw-parser-output .cs1-kern-right{padding-right:0.2em}.mw-parser-output .citation .mw-selflink{font-weight:inherit}@media screen{.mw-parser-output .cs1-format{font-size:95%}html.skin-theme-clientpref-night .mw-parser-output .cs1-maint{color:#18911f}}@media screen and (prefers-color-scheme:dark){html.skin-theme-clientpref-os .mw-parser-output .cs1-maint{color:#18911f}}</style><cite class="citation news cs1"><a rel="nofollow" class="external text" href="https://web.archive.org/web/20180126000515/https://www.morpho.com/en/media/tokenization-demystified-20170919">"Tokenization demystified"</a>. <i>IDEMIA</i>. 2017-09-19. Archived from <a rel="nofollow" class="external text" href="https://www.morpho.com/en/media/tokenization-demystified-20170919">the original</a> on 2018-01-26<span class="reference-accessdate">. Retrieved <span class="nowrap">2018-01-26</span></span>.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=article&rft.jtitle=IDEMIA&rft.atitle=Tokenization+demystified&rft.date=2017-09-19&rft_id=https%3A%2F%2Fwww.morpho.com%2Fen%2Fmedia%2Ftokenization-demystified-20170919&rfr_id=info%3Asid%2Fen.wikipedia.org%3ATokenization+%28data+security%29" class="Z3988"></span></span> </li> <li id="cite_note-2"><span class="mw-cite-backlink"><b><a href="#cite_ref-2">^</a></b></span> <span class="reference-text"><link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite class="citation web cs1"><a rel="nofollow" class="external text" href="https://web.archive.org/web/20180102223251/https://squareup.com/townsquare/what-does-tokenization-actually-mean">"Payment Tokenization Explained"</a>. <i>Square</i>. 8 October 2014. Archived from <a rel="nofollow" class="external text" href="https://squareup.com/townsquare/what-does-tokenization-actually-mean">the original</a> on 2018-01-02<span class="reference-accessdate">. Retrieved <span class="nowrap">2018-01-26</span></span>.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=unknown&rft.jtitle=Square&rft.atitle=Payment+Tokenization+Explained&rft.date=2014-10-08&rft_id=https%3A%2F%2Fsquareup.com%2Ftownsquare%2Fwhat-does-tokenization-actually-mean&rfr_id=info%3Asid%2Fen.wikipedia.org%3ATokenization+%28data+security%29" class="Z3988"></span></span> </li> <li id="cite_note-3"><span class="mw-cite-backlink"><b><a href="#cite_ref-3">^</a></b></span> <span class="reference-text"><a rel="nofollow" class="external text" href="http://www.3dsi.com/blog/credit-card-tokenization-101">CardVault: "Tokenization 101"</a></span> </li> <li id="cite_note-:0-4"><span class="mw-cite-backlink">^ <a href="#cite_ref-:0_4-0"><sup><i><b>a</b></i></sup></a> <a href="#cite_ref-:0_4-1"><sup><i><b>b</b></i></sup></a> <a href="#cite_ref-:0_4-2"><sup><i><b>c</b></i></sup></a> <a href="#cite_ref-:0_4-3"><sup><i><b>d</b></i></sup></a></span> <span class="reference-text"><link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite id="CITEREFOgigau-Neamtiu2016" class="citation journal cs1">Ogigau-Neamtiu, F. (2016). "Tokenization as a data security technique". Regional Department of Defense Resources Management Studies. <i>Zeszyty Naukowe AON</i>. <b>2</b> (103). Brasov, Romania: Akademia Sztuki Wojennej: <span class="nowrap">124–</span>135. <a href="/wiki/ISSN_(identifier)" class="mw-redirect" title="ISSN (identifier)">ISSN</a> <a rel="nofollow" class="external text" href="https://search.worldcat.org/issn/0867-2245">0867-2245</a>.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=article&rft.jtitle=Zeszyty+Naukowe+AON&rft.atitle=Tokenization+as+a+data+security+technique&rft.volume=2&rft.issue=103&rft.pages=%3Cspan+class%3D%22nowrap%22%3E124-%3C%2Fspan%3E135&rft.date=2016&rft.issn=0867-2245&rft.aulast=Ogigau-Neamtiu&rft.aufirst=F.&rfr_id=info%3Asid%2Fen.wikipedia.org%3ATokenization+%28data+security%29" class="Z3988"></span></span> </li> <li id="cite_note-5"><span class="mw-cite-backlink"><b><a href="#cite_ref-5">^</a></b></span> <span class="reference-text"><link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite id="CITEREFOgîgău-Neamţiu2017" class="citation journal cs1">Ogîgău-Neamţiu, F. (2017). "Automating the data security process". <i>Journal of Defense Resources Management (JoDRM)</i>. <b>8</b> (2).</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=article&rft.jtitle=Journal+of+Defense+Resources+Management+%28JoDRM%29&rft.atitle=Automating+the+data+security+process&rft.volume=8&rft.issue=2&rft.date=2017&rft.aulast=Og%C3%AEg%C4%83u-Neam%C5%A3iu&rft.aufirst=F.&rfr_id=info%3Asid%2Fen.wikipedia.org%3ATokenization+%28data+security%29" class="Z3988"></span></span> </li> <li id="cite_note-6"><span class="mw-cite-backlink"><b><a href="#cite_ref-6">^</a></b></span> <span class="reference-text"><link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite class="citation web cs1"><a rel="nofollow" class="external text" href="https://web.archive.org/web/20191201191321/https://www.owasp.org/index.php/Category:OWASP_Top_Ten_Project">"OWASP Top Ten Project"</a>. Archived from <a rel="nofollow" class="external text" href="https://www.owasp.org/index.php/Category:OWASP_Top_Ten_Project">the original</a> on 2019-12-01<span class="reference-accessdate">. Retrieved <span class="nowrap">2014-04-01</span></span>.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Abook&rft.genre=unknown&rft.btitle=OWASP+Top+Ten+Project&rft_id=https%3A%2F%2Fwww.owasp.org%2Findex.php%2FCategory%3AOWASP_Top_Ten_Project&rfr_id=info%3Asid%2Fen.wikipedia.org%3ATokenization+%28data+security%29" class="Z3988"></span></span> </li> <li id="cite_note-7"><span class="mw-cite-backlink"><b><a href="#cite_ref-7">^</a></b></span> <span class="reference-text"><link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite id="CITEREFStapletonPoore2011" class="citation journal cs1">Stapleton, J.; Poore, R. S. (2011). "Tokenization and other methods of security for cardholder data". <i>Information Security Journal: A Global Perspective</i>. <b>20</b> (2): <span class="nowrap">91–</span>99. <a href="/wiki/Doi_(identifier)" class="mw-redirect" title="Doi (identifier)">doi</a>:<a rel="nofollow" class="external text" href="https://doi.org/10.1080%2F19393555.2011.560923">10.1080/19393555.2011.560923</a>. <a href="/wiki/S2CID_(identifier)" class="mw-redirect" title="S2CID (identifier)">S2CID</a> <a rel="nofollow" class="external text" href="https://api.semanticscholar.org/CorpusID:46272415">46272415</a>.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=article&rft.jtitle=Information+Security+Journal%3A+A+Global+Perspective&rft.atitle=Tokenization+and+other+methods+of+security+for+cardholder+data&rft.volume=20&rft.issue=2&rft.pages=%3Cspan+class%3D%22nowrap%22%3E91-%3C%2Fspan%3E99&rft.date=2011&rft_id=info%3Adoi%2F10.1080%2F19393555.2011.560923&rft_id=https%3A%2F%2Fapi.semanticscholar.org%2FCorpusID%3A46272415%23id-name%3DS2CID&rft.aulast=Stapleton&rft.aufirst=J.&rft.au=Poore%2C+R.+S.&rfr_id=info%3Asid%2Fen.wikipedia.org%3ATokenization+%28data+security%29" class="Z3988"></span></span> </li> <li id="cite_note-8"><span class="mw-cite-backlink"><b><a href="#cite_ref-8">^</a></b></span> <span class="reference-text"><link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite id="CITEREFY.2010" class="citation book cs1">Y., Habash, Nizar (2010). <a rel="nofollow" class="external text" href="http://worldcat.org/oclc/1154286658"><i>Introduction to Arabic natural language processing</i></a>. Morgan & Claypool. <a href="/wiki/ISBN_(identifier)" class="mw-redirect" title="ISBN (identifier)">ISBN</a> <a href="/wiki/Special:BookSources/978-1-59829-796-6" title="Special:BookSources/978-1-59829-796-6"><bdi>978-1-59829-796-6</bdi></a>. <a href="/wiki/OCLC_(identifier)" class="mw-redirect" title="OCLC (identifier)">OCLC</a> <a rel="nofollow" class="external text" href="https://search.worldcat.org/oclc/1154286658">1154286658</a>.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Abook&rft.genre=book&rft.btitle=Introduction+to+Arabic+natural+language+processing&rft.pub=Morgan+%26+Claypool&rft.date=2010&rft_id=info%3Aoclcnum%2F1154286658&rft.isbn=978-1-59829-796-6&rft.aulast=Y.&rft.aufirst=Habash%2C+Nizar&rft_id=http%3A%2F%2Fworldcat.org%2Foclc%2F1154286658&rfr_id=info%3Asid%2Fen.wikipedia.org%3ATokenization+%28data+security%29" class="Z3988"></span><span class="cs1-maint citation-comment"><code class="cs1-code">{{<a href="/wiki/Template:Cite_book" title="Template:Cite book">cite book</a>}}</code>: CS1 maint: multiple names: authors list (<a href="/wiki/Category:CS1_maint:_multiple_names:_authors_list" title="Category:CS1 maint: multiple names: authors list">link</a>)</span></span> </li> <li id="cite_note-9"><span class="mw-cite-backlink"><b><a href="#cite_ref-9">^</a></b></span> <span class="reference-text"><a rel="nofollow" class="external text" href="https://www.pcisecuritystandards.org/documents/Tokenization_Guidelines_Info_Supplement.pdf">PCI DSS Tokenization Guidelines</a></span> </li> <li id="cite_note-10"><span class="mw-cite-backlink"><b><a href="#cite_ref-10">^</a></b></span> <span class="reference-text"><link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite id="CITEREFRolfe2015" class="citation news cs1">Rolfe, Alex (May 2015). <a rel="nofollow" class="external text" href="https://www.paymentscardsandmobile.com/the-fall-and-rise-of-tokenization/">"The fall and rise of Tokenization"</a><span class="reference-accessdate">. Retrieved <span class="nowrap">27 September</span> 2022</span>.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=article&rft.atitle=The+fall+and+rise+of+Tokenization&rft.date=2015-05&rft.aulast=Rolfe&rft.aufirst=Alex&rft_id=https%3A%2F%2Fwww.paymentscardsandmobile.com%2Fthe-fall-and-rise-of-tokenization%2F&rfr_id=info%3Asid%2Fen.wikipedia.org%3ATokenization+%28data+security%29" class="Z3988"></span></span> </li> <li id="cite_note-11"><span class="mw-cite-backlink"><b><a href="#cite_ref-11">^</a></b></span> <span class="reference-text"><link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite id="CITEREFXuPautassoZhuLu2018" class="citation book cs1">Xu, Xiwei; Pautasso, Cesare; Zhu, Liming; Lu, Qinghua; Weber, Ingo (2018-07-04). <a rel="nofollow" class="external text" href="https://doi.org/10.1145/3282308.3282312">"A Pattern Collection for Blockchain-based Applications"</a>. <i>Proceedings of the 23rd European Conference on Pattern Languages of Programs</i>. EuroPLoP '18. New York, NY, USA: Association for Computing Machinery. pp. <span class="nowrap">1–</span>20. <a href="/wiki/Doi_(identifier)" class="mw-redirect" title="Doi (identifier)">doi</a>:<a rel="nofollow" class="external text" href="https://doi.org/10.1145%2F3282308.3282312">10.1145/3282308.3282312</a>. <a href="/wiki/ISBN_(identifier)" class="mw-redirect" title="ISBN (identifier)">ISBN</a> <a href="/wiki/Special:BookSources/978-1-4503-6387-7" title="Special:BookSources/978-1-4503-6387-7"><bdi>978-1-4503-6387-7</bdi></a>. <a href="/wiki/S2CID_(identifier)" class="mw-redirect" title="S2CID (identifier)">S2CID</a> <a rel="nofollow" class="external text" href="https://api.semanticscholar.org/CorpusID:57760415">57760415</a>.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Abook&rft.genre=bookitem&rft.atitle=A+Pattern+Collection+for+Blockchain-based+Applications&rft.btitle=Proceedings+of+the+23rd+European+Conference+on+Pattern+Languages+of+Programs&rft.place=New+York%2C+NY%2C+USA&rft.series=EuroPLoP+%2718&rft.pages=%3Cspan+class%3D%22nowrap%22%3E1-%3C%2Fspan%3E20&rft.pub=Association+for+Computing+Machinery&rft.date=2018-07-04&rft_id=https%3A%2F%2Fapi.semanticscholar.org%2FCorpusID%3A57760415%23id-name%3DS2CID&rft_id=info%3Adoi%2F10.1145%2F3282308.3282312&rft.isbn=978-1-4503-6387-7&rft.aulast=Xu&rft.aufirst=Xiwei&rft.au=Pautasso%2C+Cesare&rft.au=Zhu%2C+Liming&rft.au=Lu%2C+Qinghua&rft.au=Weber%2C+Ingo&rft_id=https%3A%2F%2Fdoi.org%2F10.1145%2F3282308.3282312&rfr_id=info%3Asid%2Fen.wikipedia.org%3ATokenization+%28data+security%29" class="Z3988"></span></span> </li> <li id="cite_note-12"><span class="mw-cite-backlink"><b><a href="#cite_ref-12">^</a></b></span> <span class="reference-text"><link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite id="CITEREFMillmoreFoskolouMondelloKroll" class="citation news cs1">Millmore, B.; Foskolou, V.; Mondello, C.; Kroll, J.; Upadhyay, S.; Wilding, D. <a rel="nofollow" class="external text" href="https://warwick.ac.uk/fac/arts/classics/research/dept_projects/tcam/events/tccc/tokens_programme.pdf">"Tokens: Culture, Connections, Communities: Final Programme"</a> <span class="cs1-format">(PDF)</span>. The University of Warwick.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=article&rft.atitle=Tokens%3A+Culture%2C+Connections%2C+Communities%3A+Final+Programme&rft.aulast=Millmore&rft.aufirst=B.&rft.au=Foskolou%2C+V.&rft.au=Mondello%2C+C.&rft.au=Kroll%2C+J.&rft.au=Upadhyay%2C+S.&rft.au=Wilding%2C+D.&rft_id=https%3A%2F%2Fwarwick.ac.uk%2Ffac%2Farts%2Fclassics%2Fresearch%2Fdept_projects%2Ftcam%2Fevents%2Ftccc%2Ftokens_programme.pdf&rfr_id=info%3Asid%2Fen.wikipedia.org%3ATokenization+%28data+security%29" class="Z3988"></span></span> </li> <li id="cite_note-13"><span class="mw-cite-backlink"><b><a href="#cite_ref-13">^</a></b></span> <span class="reference-text"><link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite id="CITEREFLinkLukovićMogin2010" class="citation news cs1">Link, S.; Luković, I.; Mogin, P. (2010). "Performance evaluation of natural and surrogate key database architectures". <i>School of Engineering and Computer Science, Victoria University of Wellington</i>.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=article&rft.jtitle=School+of+Engineering+and+Computer+Science%2C+Victoria+University+of+Wellington&rft.atitle=Performance+evaluation+of+natural+and+surrogate+key+database+architectures&rft.date=2010&rft.aulast=Link&rft.aufirst=S.&rft.au=Lukovi%C4%87%2C+I.&rft.au=Mogin%2C+P.&rfr_id=info%3Asid%2Fen.wikipedia.org%3ATokenization+%28data+security%29" class="Z3988"></span></span> </li> <li id="cite_note-14"><span class="mw-cite-backlink"><b><a href="#cite_ref-14">^</a></b></span> <span class="reference-text"><link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite id="CITEREFHallOwlettTodd1976" class="citation web cs1">Hall, P.; Owlett, J.; Todd, S. (1976). "Relations and entities. Modelling in Database Management Systems". GM Nijssen.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Abook&rft.genre=unknown&rft.btitle=Relations+and+entities.+Modelling+in+Database+Management+Systems&rft.pub=GM+Nijssen&rft.date=1976&rft.aulast=Hall&rft.aufirst=P.&rft.au=Owlett%2C+J.&rft.au=Todd%2C+S.&rfr_id=info%3Asid%2Fen.wikipedia.org%3ATokenization+%28data+security%29" class="Z3988"></span> <span class="cs1-visible-error citation-comment"><code class="cs1-code">{{<a href="/wiki/Template:Cite_web" title="Template:Cite web">cite web</a>}}</code>: </span><span class="cs1-visible-error citation-comment">Missing or empty <code class="cs1-code">|url=</code> (<a href="/wiki/Help:CS1_errors#cite_web_url" title="Help:CS1 errors">help</a>)</span></span> </li> <li id="cite_note-15"><span class="mw-cite-backlink"><b><a href="#cite_ref-15">^</a></b></span> <span class="reference-text"><link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite class="citation web cs1"><a rel="nofollow" class="external text" href="https://web.archive.org/web/20121103225221/http://www.hotel-online.com/News/PR2005_4th/Oct05_Shift4.html">"Tokenization eases merchant PCI compliance"</a>. Archived from <a rel="nofollow" class="external text" href="http://www.hotel-online.com/News/PR2005_4th/Oct05_Shift4.html">the original</a> on 2012-11-03<span class="reference-accessdate">. Retrieved <span class="nowrap">2013-03-28</span></span>.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Abook&rft.genre=unknown&rft.btitle=Tokenization+eases+merchant+PCI+compliance&rft_id=http%3A%2F%2Fwww.hotel-online.com%2FNews%2FPR2005_4th%2FOct05_Shift4.html&rfr_id=info%3Asid%2Fen.wikipedia.org%3ATokenization+%28data+security%29" class="Z3988"></span></span> </li> <li id="cite_note-16"><span class="mw-cite-backlink"><b><a href="#cite_ref-16">^</a></b></span> <span class="reference-text"><link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite class="citation web cs1"><a rel="nofollow" class="external text" href="https://web.archive.org/web/20140313203320/http://www.reuters.com/article/2008/09/17/idUS168810+17-Sep-2008+PRN20080917">"Shift4 Corporation Releases Tokenization in Depth White Paper"</a>. <i><a href="/wiki/Reuters" title="Reuters">Reuters</a></i>. Archived from <a rel="nofollow" class="external text" href="https://www.reuters.com/article/2008/09/17/idUS168810+17-Sep-2008+PRN20080917">the original</a> on 2014-03-13<span class="reference-accessdate">. Retrieved <span class="nowrap">2017-07-02</span></span>.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=unknown&rft.jtitle=Reuters&rft.atitle=Shift4+Corporation+Releases+Tokenization+in+Depth+White+Paper&rft_id=https%3A%2F%2Fwww.reuters.com%2Farticle%2F2008%2F09%2F17%2FidUS168810%2B17-Sep-2008%2BPRN20080917&rfr_id=info%3Asid%2Fen.wikipedia.org%3ATokenization+%28data+security%29" class="Z3988"></span></span> </li> <li id="cite_note-17"><span class="mw-cite-backlink"><b><a href="#cite_ref-17">^</a></b></span> <span class="reference-text"><link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite class="citation magazine cs1"><a rel="nofollow" class="external text" href="https://web.archive.org/web/20150218062740/https://www.internetretailer.com/2005/10/13/shift4-launches-security-tool-that-lets-merchants-re-use-credit">"Shift4 Launches Security Tool That Lets Merchants Re-Use Credit Card Data"</a>. <i>Internet Retailer</i>. Archived from <a rel="nofollow" class="external text" href="http://www.internetretailer.com/internet/marketing-conference/36258-shift4-launches-security-tool-that-lets-merchants-re-use-credit-card-data.html">the original</a> on 2015-02-18.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=article&rft.jtitle=Internet+Retailer&rft.atitle=Shift4+Launches+Security+Tool+That+Lets+Merchants+Re-Use+Credit+Card+Data&rft_id=http%3A%2F%2Fwww.internetretailer.com%2Finternet%2Fmarketing-conference%2F36258-shift4-launches-security-tool-that-lets-merchants-re-use-credit-card-data.html&rfr_id=info%3Asid%2Fen.wikipedia.org%3ATokenization+%28data+security%29" class="Z3988"></span></span> </li> <li id="cite_note-18"><span class="mw-cite-backlink"><b><a href="#cite_ref-18">^</a></b></span> <span class="reference-text"><link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite class="citation web cs1"><a rel="nofollow" class="external text" href="https://web.archive.org/web/20110716055923/http://www.shift4.com/pr_20080917_tokenizationindepth.cfm">"Shift4 Corporation Releases Tokenization in Depth White Paper"</a>. Archived from <a rel="nofollow" class="external text" href="http://www.shift4.com/pr_20080917_tokenizationindepth.cfm">the original</a> on 2011-07-16<span class="reference-accessdate">. Retrieved <span class="nowrap">2010-09-17</span></span>.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Abook&rft.genre=unknown&rft.btitle=Shift4+Corporation+Releases+Tokenization+in+Depth+White+Paper&rft_id=http%3A%2F%2Fwww.shift4.com%2Fpr_20080917_tokenizationindepth.cfm&rfr_id=info%3Asid%2Fen.wikipedia.org%3ATokenization+%28data+security%29" class="Z3988"></span></span> </li> <li id="cite_note-19"><span class="mw-cite-backlink"><b><a href="#cite_ref-19">^</a></b></span> <span class="reference-text"><link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite class="citation web cs1"><a rel="nofollow" class="external text" href="http://webarchive.loc.gov/all/20130502162448/http://www.philadelphiafed.org/consumer-credit-and-payments/payment-cards-center/publications/discussion-papers/2010/D-2010-January-Heartland-Payment-Systems.pdf">"Lessons Learned from a Data Breach"</a> <span class="cs1-format">(PDF)</span>. Archived from <a rel="nofollow" class="external text" href="http://philadelphiafed.org/consumer-credit-and-payments/payment-cards-center/publications/discussion-papers/2010/D-2010-January-Heartland-Payment-Systems.pdf">the original</a> <span class="cs1-format">(PDF)</span> on 2013-05-02<span class="reference-accessdate">. Retrieved <span class="nowrap">2014-04-01</span></span>.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Abook&rft.genre=unknown&rft.btitle=Lessons+Learned+from+a+Data+Breach&rft_id=http%3A%2F%2Fphiladelphiafed.org%2Fconsumer-credit-and-payments%2Fpayment-cards-center%2Fpublications%2Fdiscussion-papers%2F2010%2FD-2010-January-Heartland-Payment-Systems.pdf&rfr_id=info%3Asid%2Fen.wikipedia.org%3ATokenization+%28data+security%29" class="Z3988"></span></span> </li> <li id="cite_note-20"><span class="mw-cite-backlink"><b><a href="#cite_ref-20">^</a></b></span> <span class="reference-text"><a rel="nofollow" class="external text" href="https://archive.today/20140401073840/http://www.eweek.com/c/a/IT-Infrastructure/Voltage-Ingencio-Partner-on-Data-Encryption-Platform-559537/">Voltage, Ingencio Partner on Data Encryption Platform</a></span> </li> <li id="cite_note-21"><span class="mw-cite-backlink"><b><a href="#cite_ref-21">^</a></b></span> <span class="reference-text"><link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite id="CITEREFOgigau-Neamtiu2016" class="citation journal cs1">Ogigau-Neamtiu, F. (2016). <a rel="nofollow" class="external text" href="http://yadda.icm.edu.pl/baztech/element/bwmeta1.element.baztech-7680b362-6a77-420a-aff6-9409bfb9efe6">"Tokenization as a data security technique"</a>. <i>Zeszyty Naukowe AON</i>. <b>2</b> (103). <a href="/wiki/ISSN_(identifier)" class="mw-redirect" title="ISSN (identifier)">ISSN</a> <a rel="nofollow" class="external text" href="https://search.worldcat.org/issn/0867-2245">0867-2245</a>.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=article&rft.jtitle=Zeszyty+Naukowe+AON&rft.atitle=Tokenization+as+a+data+security+technique&rft.volume=2&rft.issue=103&rft.date=2016&rft.issn=0867-2245&rft.aulast=Ogigau-Neamtiu&rft.aufirst=F.&rft_id=http%3A%2F%2Fyadda.icm.edu.pl%2Fbaztech%2Felement%2Fbwmeta1.element.baztech-7680b362-6a77-420a-aff6-9409bfb9efe6&rfr_id=info%3Asid%2Fen.wikipedia.org%3ATokenization+%28data+security%29" class="Z3988"></span></span> </li> <li id="cite_note-:1-22"><span class="mw-cite-backlink">^ <a href="#cite_ref-:1_22-0"><sup><i><b>a</b></i></sup></a> <a href="#cite_ref-:1_22-1"><sup><i><b>b</b></i></sup></a></span> <span class="reference-text"><link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite id="CITEREFOzdenizciOkCoskun2016" class="citation journal cs1">Ozdenizci, Busra; Ok, Kerem; Coskun, Vedat (2016-11-30). <a rel="nofollow" class="external text" href="https://doi.org/10.1155%2F2016%2F5046284">"A Tokenization-Based Communication Architecture for HCE-Enabled NFC Services"</a>. <i>Mobile Information Systems</i>. <b>2016</b>: e5046284. <a href="/wiki/Doi_(identifier)" class="mw-redirect" title="Doi (identifier)">doi</a>:<span class="id-lock-free" title="Freely accessible"><a rel="nofollow" class="external text" href="https://doi.org/10.1155%2F2016%2F5046284">10.1155/2016/5046284</a></span>. <a href="/wiki/Hdl_(identifier)" class="mw-redirect" title="Hdl (identifier)">hdl</a>:<span class="id-lock-free" title="Freely accessible"><a rel="nofollow" class="external text" href="https://hdl.handle.net/11729%2F1190">11729/1190</a></span>. <a href="/wiki/ISSN_(identifier)" class="mw-redirect" title="ISSN (identifier)">ISSN</a> <a rel="nofollow" class="external text" href="https://search.worldcat.org/issn/1574-017X">1574-017X</a>.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=article&rft.jtitle=Mobile+Information+Systems&rft.atitle=A+Tokenization-Based+Communication+Architecture+for+HCE-Enabled+NFC+Services&rft.volume=2016&rft.pages=e5046284&rft.date=2016-11-30&rft_id=info%3Ahdl%2F11729%2F1190&rft.issn=1574-017X&rft_id=info%3Adoi%2F10.1155%2F2016%2F5046284&rft.aulast=Ozdenizci&rft.aufirst=Busra&rft.au=Ok%2C+Kerem&rft.au=Coskun%2C+Vedat&rft_id=https%3A%2F%2Fdoi.org%2F10.1155%252F2016%252F5046284&rfr_id=info%3Asid%2Fen.wikipedia.org%3ATokenization+%28data+security%29" class="Z3988"></span></span> </li> <li id="cite_note-23"><span class="mw-cite-backlink"><b><a href="#cite_ref-23">^</a></b></span> <span class="reference-text">O’hare, K., Jurek-Loughrey, A., & De Campos, C. (2022). High-Value Token-Blocking: Efficient Blocking Method for Record Linkage. ACM Transactions on Knowledge Discovery from Data, 16(2), 1–17. <a rel="nofollow" class="external free" href="https://doi.org/10.1145/3450527">https://doi.org/10.1145/3450527</a></span> </li> <li id="cite_note-24"><span class="mw-cite-backlink"><b><a href="#cite_ref-24">^</a></b></span> <span class="reference-text"><a rel="nofollow" class="external text" href="https://www.pcisecuritystandards.org/documents/Tokenization_Guidelines_Info_Supplement.pdf">PCI Council Tokenization Guidelines</a></span> </li> <li id="cite_note-25"><span class="mw-cite-backlink"><b><a href="#cite_ref-25">^</a></b></span> <span class="reference-text"><a rel="nofollow" class="external text" href="http://blog.cryptographyengineering.com/2014/03/how-do-you-know-if-rng-is-working.html">How do you know if an RNG is working?</a></span> </li> <li id="cite_note-26"><span class="mw-cite-backlink"><b><a href="#cite_ref-26">^</a></b></span> <span class="reference-text"><link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite id="CITEREFGimenezCherkaouiFrischFesquet2017" class="citation book cs1">Gimenez, Gregoire; Cherkaoui, Abdelkarim; Frisch, Raphael; Fesquet, Laurent (2017-07-01). <a rel="nofollow" class="external text" href="https://ieeexplore.ieee.org/document/8031541">"Self-timed Ring based True Random Number Generator: Threat model and countermeasures"</a>. <i>2017 IEEE 2nd International Verification and Security Workshop (IVSW)</i>. Thessaloniki, Greece: IEEE. pp. <span class="nowrap">31–</span>38. <a href="/wiki/Doi_(identifier)" class="mw-redirect" title="Doi (identifier)">doi</a>:<a rel="nofollow" class="external text" href="https://doi.org/10.1109%2FIVSW.2017.8031541">10.1109/IVSW.2017.8031541</a>. <a href="/wiki/ISBN_(identifier)" class="mw-redirect" title="ISBN (identifier)">ISBN</a> <a href="/wiki/Special:BookSources/978-1-5386-1708-3" title="Special:BookSources/978-1-5386-1708-3"><bdi>978-1-5386-1708-3</bdi></a>. <a href="/wiki/S2CID_(identifier)" class="mw-redirect" title="S2CID (identifier)">S2CID</a> <a rel="nofollow" class="external text" href="https://api.semanticscholar.org/CorpusID:10190423">10190423</a>.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Abook&rft.genre=bookitem&rft.atitle=Self-timed+Ring+based+True+Random+Number+Generator%3A+Threat+model+and+countermeasures&rft.btitle=2017+IEEE+2nd+International+Verification+and+Security+Workshop+%28IVSW%29&rft.place=Thessaloniki%2C+Greece&rft.pages=%3Cspan+class%3D%22nowrap%22%3E31-%3C%2Fspan%3E38&rft.pub=IEEE&rft.date=2017-07-01&rft_id=https%3A%2F%2Fapi.semanticscholar.org%2FCorpusID%3A10190423%23id-name%3DS2CID&rft_id=info%3Adoi%2F10.1109%2FIVSW.2017.8031541&rft.isbn=978-1-5386-1708-3&rft.aulast=Gimenez&rft.aufirst=Gregoire&rft.au=Cherkaoui%2C+Abdelkarim&rft.au=Frisch%2C+Raphael&rft.au=Fesquet%2C+Laurent&rft_id=https%3A%2F%2Fieeexplore.ieee.org%2Fdocument%2F8031541&rfr_id=info%3Asid%2Fen.wikipedia.org%3ATokenization+%28data+security%29" class="Z3988"></span></span> </li> <li id="cite_note-27"><span class="mw-cite-backlink"><b><a href="#cite_ref-27">^</a></b></span> <span class="reference-text"> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite id="CITEREFVijayan2014" class="citation web cs1">Vijayan, Jaikumar (2014-02-12). <a rel="nofollow" class="external text" href="https://www.computerworld.com/article/2487635/banks-push-for-tokenization-standard-to-secure-credit-card-payments.html">"Banks push for tokenization standard to secure credit card payments"</a>. <i>Computerworld</i><span class="reference-accessdate">. Retrieved <span class="nowrap">2022-11-23</span></span>.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=unknown&rft.jtitle=Computerworld&rft.atitle=Banks+push+for+tokenization+standard+to+secure+credit+card+payments&rft.date=2014-02-12&rft.aulast=Vijayan&rft.aufirst=Jaikumar&rft_id=https%3A%2F%2Fwww.computerworld.com%2Farticle%2F2487635%2Fbanks-push-for-tokenization-standard-to-secure-credit-card-payments.html&rfr_id=info%3Asid%2Fen.wikipedia.org%3ATokenization+%28data+security%29" class="Z3988"></span></span> </li> <li id="cite_note-28"><span class="mw-cite-backlink"><b><a href="#cite_ref-28">^</a></b></span> <span class="reference-text"><link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite id="CITEREFMark2018" class="citation news cs1">Mark, S. J. (2018). "De-identification of personal information for use in software testing to ensure compliance with the Protection of Personal Information Act".</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=article&rft.atitle=De-identification+of+personal+information+for+use+in+software+testing+to+ensure+compliance+with+the+Protection+of+Personal+Information+Act&rft.date=2018&rft.aulast=Mark&rft.aufirst=S.+J.&rfr_id=info%3Asid%2Fen.wikipedia.org%3ATokenization+%28data+security%29" class="Z3988"></span></span> </li> <li id="cite_note-29"><span class="mw-cite-backlink"><b><a href="#cite_ref-29">^</a></b></span> <span class="reference-text"><link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite class="citation web cs1"><a rel="nofollow" class="external text" href="https://web.archive.org/web/20141104055035/http://about.americanexpress.com/news/pr/2014/amex-intros-online-mobile-payment-security.aspx">"American Express Introduces New Online and Mobile Payment Security Services"</a>. <i>AmericanExpress.com</i>. 3 November 2014. Archived from <a rel="nofollow" class="external text" href="http://about.americanexpress.com/news/pr/2014/amex-intros-online-mobile-payment-security.aspx">the original</a> on 2014-11-04<span class="reference-accessdate">. Retrieved <span class="nowrap">2014-11-04</span></span>.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=unknown&rft.jtitle=AmericanExpress.com&rft.atitle=American+Express+Introduces+New+Online+and+Mobile+Payment+Security+Services&rft.date=2014-11-03&rft_id=http%3A%2F%2Fabout.americanexpress.com%2Fnews%2Fpr%2F2014%2Famex-intros-online-mobile-payment-security.aspx&rfr_id=info%3Asid%2Fen.wikipedia.org%3ATokenization+%28data+security%29" class="Z3988"></span></span> </li> <li id="cite_note-30"><span class="mw-cite-backlink"><b><a href="#cite_ref-30">^</a></b></span> <span class="reference-text"><link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite class="citation web cs1"><a rel="nofollow" class="external text" href="https://developer.apple.com/library/archive/ApplePay_Guide/index.html">"Apple Pay Programming Guide: About Apple Pay"</a>. <i>developer.apple.com</i><span class="reference-accessdate">. Retrieved <span class="nowrap">2022-11-23</span></span>.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=unknown&rft.jtitle=developer.apple.com&rft.atitle=Apple+Pay+Programming+Guide%3A+About+Apple+Pay&rft_id=https%3A%2F%2Fdeveloper.apple.com%2Flibrary%2Farchive%2FApplePay_Guide%2Findex.html&rfr_id=info%3Asid%2Fen.wikipedia.org%3ATokenization+%28data+security%29" class="Z3988"></span></span> </li> <li id="cite_note-31"><span class="mw-cite-backlink"><b><a href="#cite_ref-31">^</a></b></span> <span class="reference-text"><link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite class="citation web cs1"><a rel="nofollow" class="external text" href="https://usa.visa.com/products/visa-token-service.html">"Visa Token Service"</a>. <i>usa.visa.com</i><span class="reference-accessdate">. Retrieved <span class="nowrap">2022-11-23</span></span>.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=unknown&rft.jtitle=usa.visa.com&rft.atitle=Visa+Token+Service&rft_id=https%3A%2F%2Fusa.visa.com%2Fproducts%2Fvisa-token-service.html&rfr_id=info%3Asid%2Fen.wikipedia.org%3ATokenization+%28data+security%29" class="Z3988"></span></span> </li> <li id="cite_note-32"><span class="mw-cite-backlink"><b><a href="#cite_ref-32">^</a></b></span> <span class="reference-text"><link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite id="CITEREFBeckAvitalRossiThatcher2017" class="citation journal cs1">Beck, Roman; Avital, Michel; Rossi, Matti; Thatcher, Jason Bennett (2017-12-01). <a rel="nofollow" class="external text" href="https://doi.org/10.1007%2Fs12599-017-0505-1">"Blockchain Technology in Business and Information Systems Research"</a>. <i>Business & Information Systems Engineering</i>. <b>59</b> (6): <span class="nowrap">381–</span>384. <a href="/wiki/Doi_(identifier)" class="mw-redirect" title="Doi (identifier)">doi</a>:<span class="id-lock-free" title="Freely accessible"><a rel="nofollow" class="external text" href="https://doi.org/10.1007%2Fs12599-017-0505-1">10.1007/s12599-017-0505-1</a></span>. <a href="/wiki/ISSN_(identifier)" class="mw-redirect" title="ISSN (identifier)">ISSN</a> <a rel="nofollow" class="external text" href="https://search.worldcat.org/issn/1867-0202">1867-0202</a>. <a href="/wiki/S2CID_(identifier)" class="mw-redirect" title="S2CID (identifier)">S2CID</a> <a rel="nofollow" class="external text" href="https://api.semanticscholar.org/CorpusID:3493388">3493388</a>.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=article&rft.jtitle=Business+%26+Information+Systems+Engineering&rft.atitle=Blockchain+Technology+in+Business+and+Information+Systems+Research&rft.volume=59&rft.issue=6&rft.pages=%3Cspan+class%3D%22nowrap%22%3E381-%3C%2Fspan%3E384&rft.date=2017-12-01&rft_id=https%3A%2F%2Fapi.semanticscholar.org%2FCorpusID%3A3493388%23id-name%3DS2CID&rft.issn=1867-0202&rft_id=info%3Adoi%2F10.1007%2Fs12599-017-0505-1&rft.aulast=Beck&rft.aufirst=Roman&rft.au=Avital%2C+Michel&rft.au=Rossi%2C+Matti&rft.au=Thatcher%2C+Jason+Bennett&rft_id=https%3A%2F%2Fdoi.org%2F10.1007%252Fs12599-017-0505-1&rfr_id=info%3Asid%2Fen.wikipedia.org%3ATokenization+%28data+security%29" class="Z3988"></span></span> </li> <li id="cite_note-33"><span class="mw-cite-backlink"><b><a href="#cite_ref-33">^</a></b></span> <span class="reference-text"><link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite id="CITEREFÇebiBolatAtanErzurumlu2021" class="citation news cs1">Çebi, F.; Bolat, H.B.; Atan, T.; Erzurumlu, Ö. Y. (2021). "International Engineering and Technology Management Summit 2021–ETMS2021 Proceeding Book". İstanbul Technical University & Bahçeşehir University. <a href="/wiki/ISBN_(identifier)" class="mw-redirect" title="ISBN (identifier)">ISBN</a> <a href="/wiki/Special:BookSources/978-975-561-522-6" title="Special:BookSources/978-975-561-522-6"><bdi>978-975-561-522-6</bdi></a>.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=article&rft.atitle=International+Engineering+and+Technology+Management+Summit+2021%E2%80%93ETMS2021+Proceeding+Book&rft.date=2021&rft.isbn=978-975-561-522-6&rft.aulast=%C3%87ebi&rft.aufirst=F.&rft.au=Bolat%2C+H.B.&rft.au=Atan%2C+T.&rft.au=Erzurumlu%2C+%C3%96.+Y.&rfr_id=info%3Asid%2Fen.wikipedia.org%3ATokenization+%28data+security%29" class="Z3988"></span></span> </li> <li id="cite_note-:2-34"><span class="mw-cite-backlink">^ <a href="#cite_ref-:2_34-0"><sup><i><b>a</b></i></sup></a> <a href="#cite_ref-:2_34-1"><sup><i><b>b</b></i></sup></a></span> <span class="reference-text"><link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite id="CITEREFMorrowZarrebini2019" class="citation journal cs1">Morrow; Zarrebini (2019-10-22). <a rel="nofollow" class="external text" href="https://doi.org/10.3390%2Ffi11100220">"Blockchain and the Tokenization of the Individual: Societal Implications"</a>. <i>Future Internet</i>. <b>11</b> (10): 220. <a href="/wiki/Doi_(identifier)" class="mw-redirect" title="Doi (identifier)">doi</a>:<span class="id-lock-free" title="Freely accessible"><a rel="nofollow" class="external text" href="https://doi.org/10.3390%2Ffi11100220">10.3390/fi11100220</a></span>. <a href="/wiki/ISSN_(identifier)" class="mw-redirect" title="ISSN (identifier)">ISSN</a> <a rel="nofollow" class="external text" href="https://search.worldcat.org/issn/1999-5903">1999-5903</a>.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=article&rft.jtitle=Future+Internet&rft.atitle=Blockchain+and+the+Tokenization+of+the+Individual%3A+Societal+Implications&rft.volume=11&rft.issue=10&rft.pages=220&rft.date=2019-10-22&rft_id=info%3Adoi%2F10.3390%2Ffi11100220&rft.issn=1999-5903&rft.au=Morrow&rft.au=Zarrebini&rft_id=https%3A%2F%2Fdoi.org%2F10.3390%252Ffi11100220&rfr_id=info%3Asid%2Fen.wikipedia.org%3ATokenization+%28data+security%29" class="Z3988"></span></span> </li> <li id="cite_note-35"><span class="mw-cite-backlink"><b><a href="#cite_ref-35">^</a></b></span> <span class="reference-text"><link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite id="CITEREFTianLuAdriaensMinchin2020" class="citation journal cs1">Tian, Yifeng; Lu, Zheng; Adriaens, Peter; Minchin, R. Edward; Caithness, Alastair; Woo, Junghoon (2020). <a rel="nofollow" class="external text" href="https://link.springer.com/10.1007/s42524-020-0140-2">"Finance infrastructure through blockchain-based tokenization"</a>. <i>Frontiers of Engineering Management</i>. <b>7</b> (4): <span class="nowrap">485–</span>499. <a href="/wiki/Doi_(identifier)" class="mw-redirect" title="Doi (identifier)">doi</a>:<a rel="nofollow" class="external text" href="https://doi.org/10.1007%2Fs42524-020-0140-2">10.1007/s42524-020-0140-2</a>. <a href="/wiki/ISSN_(identifier)" class="mw-redirect" title="ISSN (identifier)">ISSN</a> <a rel="nofollow" class="external text" href="https://search.worldcat.org/issn/2095-7513">2095-7513</a>. <a href="/wiki/S2CID_(identifier)" class="mw-redirect" title="S2CID (identifier)">S2CID</a> <a rel="nofollow" class="external text" href="https://api.semanticscholar.org/CorpusID:226335872">226335872</a>.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=article&rft.jtitle=Frontiers+of+Engineering+Management&rft.atitle=Finance+infrastructure+through+blockchain-based+tokenization&rft.volume=7&rft.issue=4&rft.pages=%3Cspan+class%3D%22nowrap%22%3E485-%3C%2Fspan%3E499&rft.date=2020&rft_id=https%3A%2F%2Fapi.semanticscholar.org%2FCorpusID%3A226335872%23id-name%3DS2CID&rft.issn=2095-7513&rft_id=info%3Adoi%2F10.1007%2Fs42524-020-0140-2&rft.aulast=Tian&rft.aufirst=Yifeng&rft.au=Lu%2C+Zheng&rft.au=Adriaens%2C+Peter&rft.au=Minchin%2C+R.+Edward&rft.au=Caithness%2C+Alastair&rft.au=Woo%2C+Junghoon&rft_id=https%3A%2F%2Flink.springer.com%2F10.1007%2Fs42524-020-0140-2&rfr_id=info%3Asid%2Fen.wikipedia.org%3ATokenization+%28data+security%29" class="Z3988"></span></span> </li> <li id="cite_note-36"><span class="mw-cite-backlink"><b><a href="#cite_ref-36">^</a></b></span> <span class="reference-text"><link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite id="CITEREFRossJensenAsheim2019" class="citation journal cs1">Ross, Omri; Jensen, Johannes Rude; Asheim, Truls (2019-11-16). <a rel="nofollow" class="external text" href="https://papers.ssrn.com/abstract=3488344">"Assets under Tokenization"</a>. Rochester, NY. <a href="/wiki/Doi_(identifier)" class="mw-redirect" title="Doi (identifier)">doi</a>:<a rel="nofollow" class="external text" href="https://doi.org/10.2139%2Fssrn.3488344">10.2139/ssrn.3488344</a>. <a href="/wiki/S2CID_(identifier)" class="mw-redirect" title="S2CID (identifier)">S2CID</a> <a rel="nofollow" class="external text" href="https://api.semanticscholar.org/CorpusID:219366539">219366539</a>. <a href="/wiki/SSRN_(identifier)" class="mw-redirect" title="SSRN (identifier)">SSRN</a> <a rel="nofollow" class="external text" href="https://papers.ssrn.com/sol3/papers.cfm?abstract_id=3488344">3488344</a>.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=article&rft.atitle=Assets+under+Tokenization&rft.date=2019-11-16&rft_id=https%3A%2F%2Fapi.semanticscholar.org%2FCorpusID%3A219366539%23id-name%3DS2CID&rft_id=https%3A%2F%2Fpapers.ssrn.com%2Fsol3%2Fpapers.cfm%3Fabstract_id%3D3488344%23id-name%3DSSRN&rft_id=info%3Adoi%2F10.2139%2Fssrn.3488344&rft.aulast=Ross&rft.aufirst=Omri&rft.au=Jensen%2C+Johannes+Rude&rft.au=Asheim%2C+Truls&rft_id=https%3A%2F%2Fpapers.ssrn.com%2Fabstract%3D3488344&rfr_id=info%3Asid%2Fen.wikipedia.org%3ATokenization+%28data+security%29" class="Z3988"></span> <span class="cs1-visible-error citation-comment"><code class="cs1-code">{{<a href="/wiki/Template:Cite_journal" title="Template:Cite journal">cite journal</a>}}</code>: </span><span class="cs1-visible-error citation-comment">Cite journal requires <code class="cs1-code">|journal=</code> (<a href="/wiki/Help:CS1_errors#missing_periodical" title="Help:CS1 errors">help</a>)</span></span> </li> <li id="cite_note-37"><span class="mw-cite-backlink"><b><a href="#cite_ref-37">^</a></b></span> <span class="reference-text"><link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite id="CITEREFTabatabai2019" class="citation web cs1">Tabatabai, Arman (2019-03-25). <a rel="nofollow" class="external text" href="https://techcrunch.com/2019/03/25/social-investment-platform-etoro-acquires-smart-contract-startup-firmo/">"Social investment platform eToro acquires smart contract startup Firmo"</a>. <i>TechCrunch</i><span class="reference-accessdate">. Retrieved <span class="nowrap">2022-11-23</span></span>.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=unknown&rft.jtitle=TechCrunch&rft.atitle=Social+investment+platform+eToro+acquires+smart+contract+startup+Firmo&rft.date=2019-03-25&rft.aulast=Tabatabai&rft.aufirst=Arman&rft_id=https%3A%2F%2Ftechcrunch.com%2F2019%2F03%2F25%2Fsocial-investment-platform-etoro-acquires-smart-contract-startup-firmo%2F&rfr_id=info%3Asid%2Fen.wikipedia.org%3ATokenization+%28data+security%29" class="Z3988"></span></span> </li> <li id="cite_note-38"><span class="mw-cite-backlink"><b><a href="#cite_ref-38">^</a></b></span> <span class="reference-text"><link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite class="citation web cs1"><a rel="nofollow" class="external text" href="https://www.financemagnates.com/executives/moves/etorox-names-firmo-ceo-omri-ross-chief-blockchain-scientist/">"eToroX Names Omri Ross Chief Blockchain Scientist"</a>. <i>Financial and Business News | Finance Magnates</i>. 27 March 2019<span class="reference-accessdate">. Retrieved <span class="nowrap">2022-11-23</span></span>.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=unknown&rft.jtitle=Financial+and+Business+News+%7C+Finance+Magnates&rft.atitle=eToroX+Names+Omri+Ross+Chief+Blockchain+Scientist&rft.date=2019-03-27&rft_id=https%3A%2F%2Fwww.financemagnates.com%2Fexecutives%2Fmoves%2Fetorox-names-firmo-ceo-omri-ross-chief-blockchain-scientist%2F&rfr_id=info%3Asid%2Fen.wikipedia.org%3ATokenization+%28data+security%29" class="Z3988"></span></span> </li> <li id="cite_note-:3-39"><span class="mw-cite-backlink">^ <a href="#cite_ref-:3_39-0"><sup><i><b>a</b></i></sup></a> <a href="#cite_ref-:3_39-1"><sup><i><b>b</b></i></sup></a></span> <span class="reference-text"><link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite id="CITEREFSazandrishvili2020" class="citation journal cs1">Sazandrishvili, George (2020). <a rel="nofollow" class="external text" href="https://onlinelibrary.wiley.com/doi/10.1002/jcaf.22432">"Asset tokenization in plain English"</a>. <i>Journal of Corporate Accounting & Finance</i>. <b>31</b> (2): <span class="nowrap">68–</span>73. <a href="/wiki/Doi_(identifier)" class="mw-redirect" title="Doi (identifier)">doi</a>:<a rel="nofollow" class="external text" href="https://doi.org/10.1002%2Fjcaf.22432">10.1002/jcaf.22432</a>. <a href="/wiki/ISSN_(identifier)" class="mw-redirect" title="ISSN (identifier)">ISSN</a> <a rel="nofollow" class="external text" href="https://search.worldcat.org/issn/1044-8136">1044-8136</a>. <a href="/wiki/S2CID_(identifier)" class="mw-redirect" title="S2CID (identifier)">S2CID</a> <a rel="nofollow" class="external text" href="https://api.semanticscholar.org/CorpusID:213916347">213916347</a>.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=article&rft.jtitle=Journal+of+Corporate+Accounting+%26+Finance&rft.atitle=Asset+tokenization+in+plain+English&rft.volume=31&rft.issue=2&rft.pages=%3Cspan+class%3D%22nowrap%22%3E68-%3C%2Fspan%3E73&rft.date=2020&rft_id=https%3A%2F%2Fapi.semanticscholar.org%2FCorpusID%3A213916347%23id-name%3DS2CID&rft.issn=1044-8136&rft_id=info%3Adoi%2F10.1002%2Fjcaf.22432&rft.aulast=Sazandrishvili&rft.aufirst=George&rft_id=https%3A%2F%2Fonlinelibrary.wiley.com%2Fdoi%2F10.1002%2Fjcaf.22432&rfr_id=info%3Asid%2Fen.wikipedia.org%3ATokenization+%28data+security%29" class="Z3988"></span></span> </li> <li id="cite_note-40"><span class="mw-cite-backlink"><b><a href="#cite_ref-40">^</a></b></span> <span class="reference-text"><a rel="nofollow" class="external text" href="https://www.pcisecuritystandards.org/security_standards/pci_dss.shtml">The Payment Card Industry Data Security Standard</a></span> </li> <li id="cite_note-41"><span class="mw-cite-backlink"><b><a href="#cite_ref-41">^</a></b></span> <span class="reference-text"><link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite class="citation web cs1"><a rel="nofollow" class="external text" href="https://www.bluefin.com/products/tokenization/">"Tokenization: PCI Compliant Tokenization Payment Processing"</a>. <i>Bluefin Payment Systems</i><span class="reference-accessdate">. Retrieved <span class="nowrap">2016-01-14</span></span>.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=unknown&rft.jtitle=Bluefin+Payment+Systems&rft.atitle=Tokenization%3A+PCI+Compliant+Tokenization+Payment+Processing&rft_id=https%3A%2F%2Fwww.bluefin.com%2Fproducts%2Ftokenization%2F&rfr_id=info%3Asid%2Fen.wikipedia.org%3ATokenization+%28data+security%29" class="Z3988"></span></span> </li> <li id="cite_note-42"><span class="mw-cite-backlink"><b><a href="#cite_ref-42">^</a></b></span> <span class="reference-text"><link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite class="citation web cs1"><a rel="nofollow" class="external text" href="https://docs.pcivault.io/guides/tokenization-algorithms">"PCI Vault: Tokenization Algorithms"</a>. <i>PCI Vault</i><span class="reference-accessdate">. Retrieved <span class="nowrap">2024-06-23</span></span>.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=unknown&rft.jtitle=PCI+Vault&rft.atitle=PCI+Vault%3A+Tokenization+Algorithms&rft_id=https%3A%2F%2Fdocs.pcivault.io%2Fguides%2Ftokenization-algorithms&rfr_id=info%3Asid%2Fen.wikipedia.org%3ATokenization+%28data+security%29" class="Z3988"></span></span> </li> <li id="cite_note-43"><span class="mw-cite-backlink"><b><a href="#cite_ref-43">^</a></b></span> <span class="reference-text"><link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite class="citation web cs1"><a rel="nofollow" class="external text" href="https://web.archive.org/web/20090731031150/http://www.hospitalityupgrade.com/_files/File_Articles/HUSum08_CounterPointOder_SecuredDataisNotStoredData.pdf">"Data Security: Counterpoint – "The Best Way to Secure Data is Not to Store Data"<span class="cs1-kern-right"></span>"</a> <span class="cs1-format">(PDF)</span>. Archived from <a rel="nofollow" class="external text" href="http://www.hospitalityupgrade.com/_files/File_Articles/HUSum08_CounterPointOder_SecuredDataisNotStoredData.pdf">the original</a> <span class="cs1-format">(PDF)</span> on 2009-07-31<span class="reference-accessdate">. Retrieved <span class="nowrap">2009-06-17</span></span>.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Abook&rft.genre=unknown&rft.btitle=Data+Security%3A+Counterpoint+%E2%80%93+%22The+Best+Way+to+Secure+Data+is+Not+to+Store+Data%22&rft_id=http%3A%2F%2Fwww.hospitalityupgrade.com%2F_files%2FFile_Articles%2FHUSum08_CounterPointOder_SecuredDataisNotStoredData.pdf&rfr_id=info%3Asid%2Fen.wikipedia.org%3ATokenization+%28data+security%29" class="Z3988"></span></span> </li> <li id="cite_note-44"><span class="mw-cite-backlink"><b><a href="#cite_ref-44">^</a></b></span> <span class="reference-text"><link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite class="citation web cs1"><a rel="nofollow" class="external text" href="https://web.archive.org/web/20140407070258/http://democrats.energycommerce.house.gov/sites/default/files/documents/Testimony-Russo-CMT-Consumer-Information-Data-Breach-2014-2-5.pdf">"Protecting Consumer Information: Can Data Breaches Be Prevented?"</a> <span class="cs1-format">(PDF)</span>. Archived from <a rel="nofollow" class="external text" href="http://democrats.energycommerce.house.gov/sites/default/files/documents/Testimony-Russo-CMT-Consumer-Information-Data-Breach-2014-2-5.pdf">the original</a> <span class="cs1-format">(PDF)</span> on 2014-04-07<span class="reference-accessdate">. Retrieved <span class="nowrap">2014-04-01</span></span>.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Abook&rft.genre=unknown&rft.btitle=Protecting+Consumer+Information%3A+Can+Data+Breaches+Be+Prevented%3F&rft_id=http%3A%2F%2Fdemocrats.energycommerce.house.gov%2Fsites%2Fdefault%2Ffiles%2Fdocuments%2FTestimony-Russo-CMT-Consumer-Information-Data-Breach-2014-2-5.pdf&rfr_id=info%3Asid%2Fen.wikipedia.org%3ATokenization+%28data+security%29" class="Z3988"></span></span> </li> <li id="cite_note-45"><span class="mw-cite-backlink"><b><a href="#cite_ref-45">^</a></b></span> <span class="reference-text"><a rel="nofollow" class="external text" href="https://usa.visa.com/dam/VCOM/global/support-legal/documents/bulletin-tokenization-best-practices.pdf">Visa Tokenization Best Practices</a></span> </li> <li id="cite_note-46"><span class="mw-cite-backlink"><b><a href="#cite_ref-46">^</a></b></span> <span class="reference-text"><link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite class="citation web cs1"><a rel="nofollow" class="external text" href="https://web.archive.org/web/20161014221023/http://emvco.com/specifications.aspx?id=263">"EMV Payment Tokenisation Specification – Technical Framework"</a>. March 2014. Archived from <a rel="nofollow" class="external text" href="http://www.emvco.com/specifications.aspx?id=263">the original</a> on 2016-10-14<span class="reference-accessdate">. Retrieved <span class="nowrap">2014-11-04</span></span>.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Abook&rft.genre=unknown&rft.btitle=EMV+Payment+Tokenisation+Specification+%E2%80%93+Technical+Framework&rft.date=2014-03&rft_id=http%3A%2F%2Fwww.emvco.com%2Fspecifications.aspx%3Fid%3D263&rfr_id=info%3Asid%2Fen.wikipedia.org%3ATokenization+%28data+security%29" class="Z3988"></span></span> </li> <li id="cite_note-47"><span class="mw-cite-backlink"><b><a href="#cite_ref-47">^</a></b></span> <span class="reference-text"><link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite class="citation web cs1"><a rel="nofollow" class="external text" href="https://web.archive.org/web/20140407071624/https://www.owasp.org/index.php/Guide_to_Cryptography">"OWASP Guide to Cryptography"</a>. Archived from <a rel="nofollow" class="external text" href="https://www.owasp.org/index.php/Guide_to_Cryptography">the original</a> on 2014-04-07<span class="reference-accessdate">. Retrieved <span class="nowrap">2014-04-01</span></span>.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Abook&rft.genre=unknown&rft.btitle=OWASP+Guide+to+Cryptography&rft_id=https%3A%2F%2Fwww.owasp.org%2Findex.php%2FGuide_to_Cryptography&rfr_id=info%3Asid%2Fen.wikipedia.org%3ATokenization+%28data+security%29" class="Z3988"></span></span> </li> </ol></div> <div class="mw-heading mw-heading2"><h2 id="External_links">External links</h2><span class="mw-editsection"><span class="mw-editsection-bracket">[</span><a href="/w/index.php?title=Tokenization_(data_security)&action=edit&section=15" title="Edit section: External links"><span>edit</span></a><span class="mw-editsection-bracket">]</span></span></div> <ul><li><a rel="nofollow" class="external text" href="https://web.archive.org/web/20150208051755/http://contactless-world.com/cloud-vs-payment/">Cloud vs Payment</a> - Cloud vs Payment - Introduction to tokenization via cloud payments.</li></ul> <!-- NewPP limit report Parsed by mw‐web.codfw.main‐7777d9bc4f‐dqgzz Cached time: 20250204083815 Cache expiry: 2592000 Reduced expiry: false Complications: [vary‐revision‐sha1, show‐toc] CPU time usage: 0.376 seconds Real time usage: 0.453 seconds Preprocessor visited node count: 2264/1000000 Post‐expand include size: 78174/2097152 bytes Template argument size: 441/2097152 bytes Highest expansion depth: 8/100 Expensive parser function count: 2/500 Unstrip recursion depth: 1/20 Unstrip post‐expand size: 146915/5000000 bytes Lua time usage: 0.238/10.000 seconds Lua memory usage: 5411346/52428800 bytes Number of Wikibase entities loaded: 0/400 --> <!-- Transclusion expansion time report (%,ms,calls,template) 100.00% 394.260 1 -total 71.13% 280.424 1 Template:Reflist 25.15% 99.154 6 Template:Cite_news 19.18% 75.605 1 Template:Short_description 17.04% 67.180 19 Template:Cite_web 13.54% 53.395 10 Template:Cite_journal 10.07% 39.708 2 Template:Pagetype 6.15% 24.238 3 Template:Main_other 5.80% 22.871 1 Template:Distinguish 4.06% 16.011 3 Template:Cite_book --> <!-- Saved in parser cache with key enwiki:pcache:61419:|#|:idhash:canonical and timestamp 20250204083815 and revision id 1253881566. Rendering was triggered because: page-view --> </div><!--esi <esi:include src="/esitest-fa8a495983347898/content" /> --><noscript><img src="https://login.wikimedia.org/wiki/Special:CentralAutoLogin/start?useformat=desktop&type=1x1&usesul3=0" alt="" width="1" height="1" style="border: none; position: absolute;"></noscript> <div class="printfooter" data-nosnippet="">Retrieved from "<a dir="ltr" href="https://en.wikipedia.org/w/index.php?title=Tokenization_(data_security)&oldid=1253881566">https://en.wikipedia.org/w/index.php?title=Tokenization_(data_security)&oldid=1253881566</a>"</div></div> <div id="catlinks" class="catlinks" data-mw="interface"><div id="mw-normal-catlinks" class="mw-normal-catlinks"><a href="/wiki/Help:Category" title="Help:Category">Category</a>: <ul><li><a href="/wiki/Category:Cryptography" title="Category:Cryptography">Cryptography</a></li></ul></div><div id="mw-hidden-catlinks" class="mw-hidden-catlinks mw-hidden-cats-hidden">Hidden categories: <ul><li><a href="/wiki/Category:CS1_maint:_multiple_names:_authors_list" title="Category:CS1 maint: multiple names: authors list">CS1 maint: multiple names: authors list</a></li><li><a href="/wiki/Category:CS1_errors:_requires_URL" title="Category:CS1 errors: requires URL">CS1 errors: requires URL</a></li><li><a href="/wiki/Category:CS1_errors:_missing_periodical" title="Category:CS1 errors: missing periodical">CS1 errors: missing periodical</a></li><li><a href="/wiki/Category:Articles_with_short_description" title="Category:Articles with short description">Articles with short description</a></li><li><a href="/wiki/Category:Short_description_matches_Wikidata" title="Category:Short description matches Wikidata">Short description matches Wikidata</a></li></ul></div></div> </div> </main> </div> <div class="mw-footer-container"> <footer id="footer" class="mw-footer" > <ul id="footer-info"> <li id="footer-info-lastmod"> This page was last edited on 28 October 2024, at 11:16<span class="anonymous-show"> (UTC)</span>.</li> <li id="footer-info-copyright">Text is available under the <a href="/wiki/Wikipedia:Text_of_the_Creative_Commons_Attribution-ShareAlike_4.0_International_License" title="Wikipedia:Text of the Creative Commons Attribution-ShareAlike 4.0 International License">Creative Commons Attribution-ShareAlike 4.0 License</a>; additional terms may apply. By using this site, you agree to the <a href="https://foundation.wikimedia.org/wiki/Special:MyLanguage/Policy:Terms_of_Use" class="extiw" title="foundation:Special:MyLanguage/Policy:Terms of Use">Terms of Use</a> and <a href="https://foundation.wikimedia.org/wiki/Special:MyLanguage/Policy:Privacy_policy" class="extiw" title="foundation:Special:MyLanguage/Policy:Privacy policy">Privacy Policy</a>. Wikipedia® is a registered trademark of the <a rel="nofollow" class="external text" href="https://wikimediafoundation.org/">Wikimedia Foundation, Inc.</a>, a non-profit organization.</li> </ul> <ul id="footer-places"> <li id="footer-places-privacy"><a href="https://foundation.wikimedia.org/wiki/Special:MyLanguage/Policy:Privacy_policy">Privacy policy</a></li> <li id="footer-places-about"><a href="/wiki/Wikipedia:About">About Wikipedia</a></li> <li id="footer-places-disclaimers"><a href="/wiki/Wikipedia:General_disclaimer">Disclaimers</a></li> <li id="footer-places-contact"><a href="//en.wikipedia.org/wiki/Wikipedia:Contact_us">Contact Wikipedia</a></li> <li id="footer-places-wm-codeofconduct"><a href="https://foundation.wikimedia.org/wiki/Special:MyLanguage/Policy:Universal_Code_of_Conduct">Code of Conduct</a></li> <li id="footer-places-developers"><a href="https://developer.wikimedia.org">Developers</a></li> <li id="footer-places-statslink"><a href="https://stats.wikimedia.org/#/en.wikipedia.org">Statistics</a></li> <li id="footer-places-cookiestatement"><a href="https://foundation.wikimedia.org/wiki/Special:MyLanguage/Policy:Cookie_statement">Cookie statement</a></li> <li id="footer-places-mobileview"><a href="//en.m.wikipedia.org/w/index.php?title=Tokenization_(data_security)&mobileaction=toggle_view_mobile" class="noprint stopMobileRedirectToggle">Mobile view</a></li> </ul> <ul id="footer-icons" class="noprint"> <li id="footer-copyrightico"><a href="https://wikimediafoundation.org/" class="cdx-button cdx-button--fake-button cdx-button--size-large cdx-button--fake-button--enabled"><img src="/static/images/footer/wikimedia-button.svg" width="84" height="29" alt="Wikimedia Foundation" lang="en" loading="lazy"></a></li> <li id="footer-poweredbyico"><a href="https://www.mediawiki.org/" class="cdx-button cdx-button--fake-button cdx-button--size-large cdx-button--fake-button--enabled"><img src="/w/resources/assets/poweredby_mediawiki.svg" alt="Powered by MediaWiki" width="88" height="31" loading="lazy"></a></li> </ul> </footer> </div> </div> </div> <div class="vector-header-container vector-sticky-header-container"> <div id="vector-sticky-header" class="vector-sticky-header"> <div class="vector-sticky-header-start"> <div class="vector-sticky-header-icon-start vector-button-flush-left vector-button-flush-right" aria-hidden="true"> <button class="cdx-button cdx-button--weight-quiet cdx-button--icon-only vector-sticky-header-search-toggle" tabindex="-1" data-event-name="ui.vector-sticky-search-form.icon"><span class="vector-icon mw-ui-icon-search mw-ui-icon-wikimedia-search"></span> <span>Search</span> </button> </div> <div role="search" class="vector-search-box-vue vector-search-box-show-thumbnail vector-search-box"> <div class="vector-typeahead-search-container"> <div class="cdx-typeahead-search cdx-typeahead-search--show-thumbnail"> <form action="/w/index.php" id="vector-sticky-search-form" class="cdx-search-input cdx-search-input--has-end-button"> <div class="cdx-search-input__input-wrapper" data-search-loc="header-moved"> <div class="cdx-text-input cdx-text-input--has-start-icon"> <input class="cdx-text-input__input" type="search" name="search" placeholder="Search Wikipedia"> <span class="cdx-text-input__icon cdx-text-input__start-icon"></span> </div> <input type="hidden" name="title" value="Special:Search"> </div> <button class="cdx-button cdx-search-input__end-button">Search</button> </form> </div> </div> </div> <div class="vector-sticky-header-context-bar"> <nav aria-label="Contents" class="vector-toc-landmark"> <div id="vector-sticky-header-toc" class="vector-dropdown mw-portlet mw-portlet-sticky-header-toc vector-sticky-header-toc vector-button-flush-left" > <input type="checkbox" id="vector-sticky-header-toc-checkbox" role="button" aria-haspopup="true" data-event-name="ui.dropdown-vector-sticky-header-toc" class="vector-dropdown-checkbox " aria-label="Toggle the table of contents" > <label id="vector-sticky-header-toc-label" for="vector-sticky-header-toc-checkbox" class="vector-dropdown-label cdx-button cdx-button--fake-button cdx-button--fake-button--enabled cdx-button--weight-quiet cdx-button--icon-only " aria-hidden="true" ><span class="vector-icon mw-ui-icon-listBullet mw-ui-icon-wikimedia-listBullet"></span> <span class="vector-dropdown-label-text">Toggle the table of contents</span> </label> <div class="vector-dropdown-content"> <div id="vector-sticky-header-toc-unpinned-container" class="vector-unpinned-container"> </div> </div> </div> </nav> <div class="vector-sticky-header-context-bar-primary" aria-hidden="true" ><span class="mw-page-title-main">Tokenization (data security)</span></div> </div> </div> <div class="vector-sticky-header-end" aria-hidden="true"> <div class="vector-sticky-header-icons"> <a href="#" class="cdx-button cdx-button--fake-button cdx-button--fake-button--enabled cdx-button--weight-quiet cdx-button--icon-only" id="ca-talk-sticky-header" tabindex="-1" data-event-name="talk-sticky-header"><span class="vector-icon mw-ui-icon-speechBubbles mw-ui-icon-wikimedia-speechBubbles"></span> <span></span> </a> <a href="#" class="cdx-button cdx-button--fake-button cdx-button--fake-button--enabled cdx-button--weight-quiet cdx-button--icon-only" id="ca-subject-sticky-header" tabindex="-1" data-event-name="subject-sticky-header"><span class="vector-icon mw-ui-icon-article mw-ui-icon-wikimedia-article"></span> <span></span> </a> <a href="#" class="cdx-button cdx-button--fake-button cdx-button--fake-button--enabled cdx-button--weight-quiet cdx-button--icon-only" id="ca-history-sticky-header" tabindex="-1" data-event-name="history-sticky-header"><span class="vector-icon mw-ui-icon-wikimedia-history mw-ui-icon-wikimedia-wikimedia-history"></span> <span></span> </a> <a href="#" class="cdx-button cdx-button--fake-button cdx-button--fake-button--enabled cdx-button--weight-quiet cdx-button--icon-only mw-watchlink" id="ca-watchstar-sticky-header" tabindex="-1" data-event-name="watch-sticky-header"><span class="vector-icon mw-ui-icon-wikimedia-star mw-ui-icon-wikimedia-wikimedia-star"></span> <span></span> </a> <a href="#" class="cdx-button cdx-button--fake-button cdx-button--fake-button--enabled cdx-button--weight-quiet cdx-button--icon-only" id="ca-edit-sticky-header" tabindex="-1" data-event-name="wikitext-edit-sticky-header"><span class="vector-icon mw-ui-icon-wikimedia-wikiText mw-ui-icon-wikimedia-wikimedia-wikiText"></span> <span></span> </a> <a href="#" class="cdx-button cdx-button--fake-button cdx-button--fake-button--enabled cdx-button--weight-quiet cdx-button--icon-only" id="ca-ve-edit-sticky-header" tabindex="-1" data-event-name="ve-edit-sticky-header"><span class="vector-icon mw-ui-icon-wikimedia-edit mw-ui-icon-wikimedia-wikimedia-edit"></span> <span></span> </a> <a href="#" class="cdx-button cdx-button--fake-button cdx-button--fake-button--enabled cdx-button--weight-quiet cdx-button--icon-only" id="ca-viewsource-sticky-header" tabindex="-1" data-event-name="ve-edit-protected-sticky-header"><span class="vector-icon mw-ui-icon-wikimedia-editLock mw-ui-icon-wikimedia-wikimedia-editLock"></span> <span></span> </a> </div> <div class="vector-sticky-header-buttons"> <button class="cdx-button cdx-button--weight-quiet mw-interlanguage-selector" id="p-lang-btn-sticky-header" tabindex="-1" data-event-name="ui.dropdown-p-lang-btn-sticky-header"><span class="vector-icon mw-ui-icon-wikimedia-language mw-ui-icon-wikimedia-wikimedia-language"></span> <span>6 languages</span> </button> <a href="#" class="cdx-button cdx-button--fake-button cdx-button--fake-button--enabled cdx-button--weight-quiet cdx-button--action-progressive" id="ca-addsection-sticky-header" tabindex="-1" data-event-name="addsection-sticky-header"><span class="vector-icon mw-ui-icon-speechBubbleAdd-progressive mw-ui-icon-wikimedia-speechBubbleAdd-progressive"></span> <span>Add topic</span> </a> </div> <div class="vector-sticky-header-icon-end"> <div class="vector-user-links"> </div> </div> </div> </div> </div> <div class="vector-settings" id="p-dock-bottom"> <ul></ul> </div><script>(RLQ=window.RLQ||[]).push(function(){mw.config.set({"wgHostname":"mw-web.codfw.main-84b999ff94-lvkxr","wgBackendResponseTime":139,"wgPageParseReport":{"limitreport":{"cputime":"0.376","walltime":"0.453","ppvisitednodes":{"value":2264,"limit":1000000},"postexpandincludesize":{"value":78174,"limit":2097152},"templateargumentsize":{"value":441,"limit":2097152},"expansiondepth":{"value":8,"limit":100},"expensivefunctioncount":{"value":2,"limit":500},"unstrip-depth":{"value":1,"limit":20},"unstrip-size":{"value":146915,"limit":5000000},"entityaccesscount":{"value":0,"limit":400},"timingprofile":["100.00% 394.260 1 -total"," 71.13% 280.424 1 Template:Reflist"," 25.15% 99.154 6 Template:Cite_news"," 19.18% 75.605 1 Template:Short_description"," 17.04% 67.180 19 Template:Cite_web"," 13.54% 53.395 10 Template:Cite_journal"," 10.07% 39.708 2 Template:Pagetype"," 6.15% 24.238 3 Template:Main_other"," 5.80% 22.871 1 Template:Distinguish"," 4.06% 16.011 3 Template:Cite_book"]},"scribunto":{"limitreport-timeusage":{"value":"0.238","limit":"10.000"},"limitreport-memusage":{"value":5411346,"limit":52428800}},"cachereport":{"origin":"mw-web.codfw.main-7777d9bc4f-dqgzz","timestamp":"20250204083815","ttl":2592000,"transientcontent":false}}});});</script> <script type="application/ld+json">{"@context":"https:\/\/schema.org","@type":"Article","name":"Tokenization (data security)","url":"https:\/\/en.wikipedia.org\/wiki\/Tokenization_(data_security)","sameAs":"http:\/\/www.wikidata.org\/entity\/Q17086007","mainEntity":"http:\/\/www.wikidata.org\/entity\/Q17086007","author":{"@type":"Organization","name":"Contributors to Wikimedia projects"},"publisher":{"@type":"Organization","name":"Wikimedia Foundation, Inc.","logo":{"@type":"ImageObject","url":"https:\/\/www.wikimedia.org\/static\/images\/wmf-hor-googpub.png"}},"datePublished":"2002-07-11T10:34:15Z","dateModified":"2024-10-28T11:16:45Z","image":"https:\/\/upload.wikimedia.org\/wikipedia\/commons\/3\/3e\/How_mobile_payment_tokenization_works.png","headline":"concept in data security"}</script> </body> </html>