Minimize scope. Reduce FRAUD.

Layered security for payments

When combating card-not-present fraud, the stronger the machine learning signal the stronger the score will be. The Kount KHASH is an extremely strong signal, so let TokenEx mitigate the client’s internal risk and let Kount stop the fraud.

Data protection + fraud prevention

Keep downstream systems out of scope

Use the TokenEx iFrame to capture the PAN before it enters your environment.

Prevent chargebacks, disputes, and more.

Leverage Kount’s digital fraud protection services to protect your customers and your business.

Receive third-party agnostic tokens

Send TokenEx tokens to any third-party endpoint so you can easily transact with your PSP ecosystem.

  1. Client adds “returnKHash” parameter to the TokenEx iFrame configuration object.
  2. TokenEx generates a KHASH from the PAN when creating a token.
  3. Client calls Kount to review the transaction details.
  4. Kount provides a fraud score and a recommendation (approve, decline or review).
  5. If the transaction is approved, the client routes its request through the TokenEx Transparent Gateway to the desired payment gateway.

To maximize the power of Kount’s Identity Trust Global Network, clients and partners need to include Kount’s proprietary token (KHASH) as part of the Risk Inquiry Service. However, generating the KHASH requires access to the raw PAN, which can potentially introduce or reintroduce PCI scope into the merchant or partner’s environment.

Through TokenEx’s partnership with Kount, clients can use the TokenEx iFrame to capture the PAN and then generate both a TokenEx token and the Kount KHASH while staying outside of PCI scope and mitigating any risk factors related to hosting the KHASH function.


What does TokenEx do?

TokenEx is an Oklahoma-based cloud tokenization provider. It captures sensitive data via API calls or managed file transfers before the data enters an organization’s internal systems. Once tokenized, this data can be sent to any API endpoint. This creates a layer of abstraction that not only minimizes risk, but also increases freedom, control, and interoperability. 

What is tokenization?

Tokenization is the process of exchanging a sensitive data element for a nonsensitive equivalent called a token. This protects the original sensitive data from exposure in the event of a breach while still preserving its value and utility for business purposes, such as processing digital transactions.

How is tokenization different from other providers?

Unlike other providers, TokenEx does not hold your data hostage. Instead, we give you more ways to use it safely so you can add value to your data and to your business.

What are some of the outcomes TokenEx has generated for its Kount clients?

Bolder Road, an ecommerce company, integrated with TokenEx and Kount to capture card data directly from its checkout pages so it can be sent to Kount for a fraud evaluation without introducing PCI scope. This process is seamless for the end consumer, creating a secure, frictionless transaction.

“Using a layered approach to prevent data theft and payment fraud creates a secure foundation that keeps data safe from breaches and the cost of fraudulent purchases down,” Bolder Road CEO Nevin Shalit said. “Incorporating tokenization from TokenEx and fraud prevention from Kount was one of the smartest decisions we made to differentiate our ecommerce services from our competitors.”

How to Choose
a Tokenization Solution

Make sure you’re asking the right questions by reading this resource.