Tokenization of Credit Card Payment Data

Tokenization of Banking Card Payment Data

Keeping sensitive payment data secure and private by encrypting with tokenization

All merchants have both an obligation and an industry mandate to protect consumers’ payment card data. Two specific vulnerability points need to be addressed where sensitive data is at risk of being intercepted or stolen:

  • Pre-authorisation (when the merchant captures a consumer’s data and it is being sent or waiting to be sent to the acquirer/processor); and
  • Post-authorisation (when the data has been sent back to the merchant with the authorisation response and placed in storage in the merchant environment).

Tokenization turns sensitive data into an unrecognizable string of characters that is unusable without the tokenization system in place and, if stolen, provides no value to cybercriminals.

Business value


Maximum Security & Compliance

  • Securely manages and stores keys and sensitive data in a single, centralized location
  • Secures any structured data set, including personally identifiable information, for comprehensive privacy compliance.
  • Personally Identifiable Information (PII) is encrypted under hardware-based 256-bit AES encryption
  • Meets compliance requirements with all relevant industry standards including Payment Card Industry standards (PCI DSS) and GDPR
  • Provides random tokens, based on a true hardware-based, FIPS-certified Random Number Generator.

Scalable and flexible

  • Allows for hierarchical user administration where dual-control is required for all sensitive operations.
  • Tokens can be generated in a wide variety of predefined formats, or in a specified custom token format
  • High Availability (HA) option, allowing multiple appliances to be integrated into a self-replicating network. Appliances may be separated geographically, allowing tokens issued by one appliance to be recovered on another.
  • Applicable to both token generation and de-tokenization.
  • Uses a simple JSON schema with RESTful API-driven functionality.
  • Configurable network settings enable access to shared network storage for secure file storage and access.
  • Allows adding HSMs (including HSMs from other manufacturers), as well as viewing and managing existing HSMs within the infrastructure.
  • Offers configurable automated daily backup functions.

Regulatory Compliance Made Easy

Regulatory and industry compliant for strong user authentication, including PCI DSS, NIST and GDPR.


Remote Management

Remote Management permits appliance maintenance and configuration without requiring physical proximity.


Software Simulator included

The included simulator allows for evaluation and integration testing to benchmark the best possible solution for each specific case.
