Tokens are random numbers that are used to mask the personally identifiable information (PII), be it Bank Account Details, Credit/Debit card numbers, PAN / AADHAR data, credentials (pins, passwords) and the like by replacing them with randomly generate substitutes at the time of use; Tokens are thus used for completing the transaction and themselves do not have any intrinsic value except when mapped to the PII that is stored.
Tokenization is different from encryption. In encryption, data is scrambled using the key, whereas, in tokenization, data is replaced with the token for the duration of the specific use. In encryption, the keys are required on either end for encryption and decryption, whereas in tokenization, tokens are used everywhere to complete the transaction instead of actual data, with or without any need for encryption or decryption.
The Random Number Generator (RNG) being used thus have great importance to the process of tokenization. If the numbers generated are easily predictable, or are prone to patterns, the tokens themselves become weak and pose a security and compliance risks for organizations. The source, origination and generation of token generation is thus THE most important process in ensuring good quality, truly random tokens.
WHAT YOU GET FROM THIS WHITEPAPER:
Download the whitepaper