Keep Sensitive Data Out of Downstream Systems.

• Minimizes PCI scope
• Protects any structured data set
• Integrates easily with common PIN pad devices (Magtek, Ingenico, Verifone, ID Tech, and others)
• Leverages TokenEx partners for IVR/DTMF and remove the call center from PCI scope. (Semaphone, Syntec, Eckoh).

Collecting sensitive data over the phone (VoIP, POTS, etc.) can complicate PCI compliance. There are many ways to reduce the exposure of sensitive data in the call center by leveraging the TokenEx platform. If a telephony data collection system is in place, such as IVR or DTMF, the TokenEx API can enable tokenization of sensitive data being collected.

Alternatively, the iFrame solution can be used to tokenize and/or detokenize data in a web application. For payment use cases in which P2PE devices are being used for data entry, the TokenEx P2PE services API can be used to tokenize PANs. This enables organizations to prevent sensitive cardholder data from traveling beyond their contact centers, potentially removing downstream systems from scope.

How it Works

• Customer enters sensitive data via voice or phone keypad.
• The data is captured via IVR, DTMF, or a PIN pad device and then forwarded to the TokenEx API.
• TokenEx returns a token to the contact center for storage.