Eliminate the Complexity of Secure Data Storage
Tokenization, with Commerce Safe™, protects sensitive customer payment account data by encrypting and assigning it a unique token that can be stored for future use, such as recurring payments. The sensitive payment account data (eg. card data for Credit/Debit transactions and bank account information for Check transactions) is securely stored in a PCI compliant data center. This allows you to process payments by passing a token, instead of the payment account data. Using tokenization can drastically reduce the risk of cardholder data compromise and helps your customers maintain PCI compliance.
 |
Check or credit card payment account data, is sent from the merchant’s website, POS system, or other commerce application to Commerce Safe for tokenizing. |
 |
A copy of the payment account data is assigned a token, and stored securely within Commerce Safe’s PCI compliant data center; managed with hardware security modules (HSM). |
 |
Commerce Safe securely passes payment account data to the desired payment service provider for authorization or settlement. |
 |
A Commerce Safe token is returned in the transaction response back to the commerce application and can be stored, instead of the payment account data, and used to perform subsequent transactions. |
How tokenization can reduce your PCI compliance scope
Utilizing tokenization, with Commerce Safe, reduces the scope of your PCI and PA-DSS compliance requirements. To be compliant in either scenario, you must protect stored cardholder data. Merchants not doing so or using payment software and systems that do not protect cardholder data, will be de-certified by Visa Network Partners and Agents beginning October 1, 2009.
Learn more about these deadlines at the Visa Merchant Security site.
Furthermore, on July 10, 2010 acquiring banks must ensure that merchants are only using PA-DSS compliant applications to facilitate payments transactions.
What is Tokenization?
Tokenization
In payment processing, takes sensitive payment account data to be sent from a merchant to settling bank or other payment service provider and replaces it with a token representing that payment account data. The sensitive payment account data is encrypted and securely stored in a PCI compliant environment. The token, representing the payment account data can then be used for future payment processing.
Recurring Payments
CommerceSafe allows you to offer a solution that easily manages subscription or installment billing and eliminate the need to process, store or transmit sensitive transaction data.
Wallet Implemenations
Commerce Safe locks payment account data away until your application, or workflow, needs to call upon it. Commerce Safe Tokenization is flexible in implementation allowing for the creation of wallet based solutions when the application implements off-site storage to be called on an ad-hoc (customer initiated) basis.
To speak with someone or to request additional information about Commerce Safe Tokenization, please contact us here.