As a security company, TokenEx understands that you’re concerned with the safety of your data. We have previously established how tokenization is an improvement on encryption for many businesses, and how you can use reliable and proven security practices to keep data safe in your own environment. In this blog post, we will show you what we do to ensure your data stays secure in our systems.
As a Level 1 PCI-certified data security provider, we know what it takes to ensure your data’s security. That’s why we’ve adopted a three-prong authentication and authorization model for accessing and using the TokenEx platform.
Step 1: Your TokenEx ID
The first component of TokenEx’s security process is your TokenEx ID. This is simply the account number, or "username", you receive when you sign up with TokenEx. This value is used to identify you as a customer when accessing the TokenEx platform.
Step 2: API Keys
The second piece of the security equation is the API Key, which is a is a randomly generated "password" used to control access to functions in the TokenEx API. If a user tries to use a method without possessing the correct API key for the given method, the platform will not allow them execute that method. This type of granular access control will ensure that only the authorized users can access methods for which they have been given permission.
Step 3: The CIDR Block
CIDR, or Classless Inter-Domain Routing, is the third tool in the TokenEx authorization arsenal. By using a CIDR block, TokenEx can restrict access to your account to a certain set of IP addresses that you designate. For instance, you can restrict all access to your token vault to the IP address of your office – no other IPs will be able to reach your vault. That way, you can ensure that, even if someone does gain access to your account information, they still can’t access your tokens or sensitive data unless they’re connected to your network.