Confidential personal information flows freely on data networks unless it is adequately guarded. Sensitive information can be compromised without digital security. Tokenization is one of the methods to secure personal data.
Tokens are random numbers that are used to mask personally identifiable information (PII) such as bank account details, credit/debit card numbers, PAN/AADHAR data, and credentials (pins, passwords). They are substitutes generated during a transaction. They do not have any intrinsic value except when mapped to the stored PII. They securely complete the transaction.
Tokenization is different from encryption. In encryption, data is scrambled using the key. In tokenization, data is replaced with the token for the duration of use. In encryption, the keys are required on either end for encryption and decryption, whereas in tokenization, tokens are used everywhere to complete the transaction–with or without any need for encryption or decryption.