Why is your Data Being Held Hostage? TokenEx Offers Risk Free Tokenization Release

Why is your Data Being Held Hostage? TokenEx Offers Risk Free Data Release

Tokenization as a service is the new hot buzzword in data security. Chase, Apple, Visa, MasterCard, and a few others are currently offering tokenization or have plans to release the service in the upcoming months. What is tokenization? Are there different forms of tokenization? What type of flexibility will you have with tokenized data? Are there companies who keep your sensitive data if you decide to use another payment processor? As a savvy customer, you should always keep control of your data and not allow these service providers to hold your data hostage. TokenEx offers a Risk Free solution where you can get your data back at any time, in a PCI compliant fashion, and without hassle to all your customers.

What is Tokenization? Are There Different Types of Tokenization

Tokenization is replacing sensitive data (PCI, PII, PHI, etc.) with a token that is mathematically unrelated to the original data set. There are multiple acceptance channels in today’s business environment, also known as Omnichannel, which includes: e-Commerce, Data Vaulting, Recurring Payments, Batch Processing, Virtual Terminal Proxy, Web Services, Accepting Physical Payments, Call Centers, etc. The acceptance channels are connected to payment gateways. Certain tokenization solutions will only tokenize your data if you use that particular payment gateway as your tokenization provider. If you decided to leave that processor for another one, then it is, unfortunately, commonplace that processor or service provider will simply hold your data hostage and not return it to you unless you pay a hefty fee.

Outsourced tokenization is done through a cloud-based service offering aPaaS, while on-premise tokenization is where the data is tokenized and stored on-site. Most on-premise tokenization solutions call for an expensive infrastructure and increased support staff. Outsourced tokenization is generally cheaper and more secure. Allowing security experts to store and maintain your sensitive data can reduce your PCI compliance/scope up to 95%. The most important aspect of a tokenization provider is whether they are processor agnostic. A tokenization solution must allow customers to choose their payment processor and payment gateway, allowing companies to make the best decision on payment solutions.

What is the TokenEx stance on releasing data back to customers with no strings attached? 

TokenEx views our customers’ data as their own.  TokenEx has no right to this data and only acts as a custodian of this data while it is in our possession.  Based on our Services Agreement, our customers can get there data back at any time from TokenEx with limited notice.

Why do companies like Chase Payment Tech have the audacity to keep sensitive data, when a customer changes processors?

Data is a sticking point for processors, as it is with most companies.  The customer data they’re holding actually creates the barrier to exit for the customer because, as far as tokenized data is concerned, customers cannot take tokenized data from one service provider to the next.  For example, one of the processors TokenEx worked with in the past would not hand over the data to their customer, and they continued trying to salvage the contract with the customer while not giving up the data.  This is a horrible policy and it goes to show that all organizations should either choose an independent provider to manage their data or they should have contractual language in place to ensure they can get their data when they want to pivot to other service providers.

How do customers receive their data back from TokenEx?

It is important to note that TokenEx has not had a situation where a customer has requested their data back to date.  However, if such a request were made, TokenEx has a few different capabilities to provide customers their data.  Interestingly, TokenEx will work with our customer through challenges of moving data like PCI compliance, to name one, because we believe in doing business the right way.  Should a customer decide to leave, we will do all we can to assist them through their transition to another provider.

Data Center Redundancy

TokenEx is considered a high-availability environment.  TokenEx maintains relationships with two different data centers, so if one were to technical difficulty, all of our customers’ data would be available in the other data center.  TokenEx has gone through a tremendous amount of thought to ensure our customers’ data, the backbone of their business, is as available as possible for them to use.  Again, it’s their data, and we are simply maintaining it for them in a safe and secure environment.

The majority of TokenEx customers are able to save enough money in auditing expenses and other related costs that they are easily able to pay for the TokenEx solution. To learn more about tokenization as a service and protecting your Omnichannel acceptance environment, visit TokenEx.com. Follow us on Twitter and LinkedIn to stay current on the latest news and trends in data security.


Topic(s): payments , data security , tokenization

Keep Up With Our PCI & Privacy Blog