Sign up for The Paypers newsletter Follow The Paypers on LinkedIn Follow The Paypers on Twitter Follow The Paypers on Facebook
The Paypers, paypers, Insight in payments, News, Reports, Events
 advertisement
Cards

Visa reveals global best practices for card data tokenization

Thursday 15 July 2010 | 11:38 AM CET

Visa has released a series of guidelines concerning the best practices for tokenization. The guide is set to help merchants, vendors, service providers and acquirers reduce or eliminate sensitive card data from payment systems as well as simplify data security and compliance efforts.

The guidelines focus on a series of key areas such as proper generation of tokens and the management of historical data. According to the guide, an effective tokenization process should take into account previous components such as token generation, token mapping, card data vault and cryptographic key management. Moreover, for a complete prevention of fraud attack incidents, further sensitive authentication data such as full contents of the magnetic strip, CVV2, PIN and PIN block should never be stored after the authorization, the same study has pointed out.

In 2009, Visa published the Visa Best Practices for Data Field Encryption, a study dealing with the protection of cardholder information and limitation of the clear-text availability of cardholder data and sensitive authentication data. Visa recommended within the guide that entities should consider using tokens (such as a transaction ID or a surrogate value) to replace the PAN for use in payment-related business purposes other than payment acceptance.
 

More: Link
 advertisement
 advertisement
 advertisement
 advertisement