Tokenization is a Card Information Replacement Technology^SM (CIRT) solution developed by Shift4 to address the vulnerability issues associated with the storage of sensitive Cardholder Data (CHD). Historically, CHD has been stored and utilized to enable merchants to perform various business related functions including credits, tips, tabs and incremental authorizations. Tokenization provides merchants with the same functionality without the security risk that is present if the CHD is retained.

Tokenization provides full support for:

• Book & ship
• Credits
• Incremental authorizations
• Multiple charges on a single invoice
• Recurring billing
• Tips and open tabs

With Tokenization, merchants no longer need CHD past the initial electronic payment authorization request, so there is no reason to store this potentially dangerous information. Instead, when a transaction is authorized, Shift4 replaces CHD on the Point-of-Sale (POS) system or Property Management System (PMS) with a 16-character, globally unique, randomized, alphanumeric representation of the data called a “Token.”

A Token is a unique ID created to reference the actual data associated with a specific transaction. Because no encryption key management remains with the merchant, the only place a Shift4 Token can be decrypted is at the Shift4 DOLLARS ON THE NET™ gateway. The real CHD is securely stored in Shift4's Payment Card Industry (PCI) compliant data centers. A Token spans the lifetime of a transaction, so it provides all the same business functionalities merchants expect. If an adjustment or additional authorization is necessary, the Token is sent to Shift4 who then translates it, obtains an authorization code from the processor and returns the code with the Token back to the merchant.

A Token is constructed to include the last four digits of the card number it references, so all PMS and POS system reports remain fully functional. The DOLLARS ON THE NET gateway also retains up to a 24-month archive of the merchants detailed transactions history to be used for auditing, chargeback defense or other requests for information. Once again, there is no extra charge for this functionality as it is part of the DOLLARS ON THE NET service.

With Tokenization, the burden of storing and protecting the CHD is now on the gateway, where it should be. For the merchant, the implementation of Tokenization is a seamless transition that provides Real Security while saving time, money, resources and helps to Simplify PCI compliance.

For a more detailed look at Tokenization and its advantages over encryption for storing CHD, request a copy of our Tokenization In Depth white paper.

View our YouTube video interviews with Chris Mark of The Aegenis Group on Shift4's Tokenization solutions Click Here.