Tokenization is a good tool to prevent credit card theft.It is better than Encryption and Masking, but it is often confused with Tokenization, Encryption, and Masking.
Differences between Tokenization, Encryption, and Masking
Masking means that the data content is partially changed if the format is unchanged, such as replacing symbols or numbers.
Tokenization is to change the data to another set of data of the same nature, and the format is unchanged after conversion,such as the identity card number , it will still compliance with the code of the identity card number after tokenization , but it is not the real data.
Encryption means changing the data to a hard-to-read ciphertext, which can be decrypted just with the key. The difference between Encryption and Tokenization is that the former format will change after the conversion, and the latter won’t.
After Encryption is processed, the length of the ciphertext will be different from the original one, and the ciphertext is a set of illegible characters that are difficult to recognize and cannot be used anymore. If Tokenization is adopted, the original data characteristics can be retained, and the changed string can still be used again.
Briefly, it won’t be transmitted with credit card numbers through Tokenization technology , but a random set of corresponding words.After Tokenization, the hacker will not intercept the real information of the cardholder on the Internet, so it is difficult to obtain certification, which greatly reduces the risk of piracy.
DPM easyData
DPM easyData is a high performance data spoofing engine and front end console. Data spoofing or tokenization
is the process of replacing whole or parts of sensitive data with a non-sensitive equivalent. DPM easyData allows
web and app server applications and databases to tokenize and anonymize data and apply masking policies for
unauthorized users when retrieving sensitive data.
The product has the following features:
Pseudoanonymization or tokenization of data by replacing sensitive data with dummy “token” values
Preserving the format of input data
Policy based single use and multi-use tokens
Multilanguage tokenization and anonymization
High performance
Web service API for client applications to perform tokenization/detokenization, encryption and
anonymization
Full auditing of all console operations and engine operations
Performance monitoring and integration with syslog and email for performance alerts
The software has two components:
. Management console –
a browser based
management console that allows users to
configure policies, access and maintain tokens
and administer the system.
. Engine –
high performance engine to provide data
spoofing such as tokenization and anonymization
services and accessed using a web services API.
Supported backend databases :
Oracle 10g, 11g and 12c
MySQL 5 and up
Supported environments :
Windows 7, 8, 10, Server 2008 and up
Linux kernel 2.6 and up, CentOS kernel 2.6 and up, SUSE kernel 2.6.32 and 4.4.21 and up
Physical and virtualized environments
Supported clients :
Any legacy and current applications
RESTful, SOAP and Web services, Java
Oracle, MS SQL server and IBM iSeries DB2 Database connectors