Electronic Transfer Credit Card Processing
Nationwide Credit Card Processing since 1989.
Electronic Transfer Credit Card Processing
Free Credit Card Processing Signup! Free Sign Up!
Credit Card Processing

Stored Profile for Tokenization of Credit Card Numbers

Tokenization makes it more difficult for hackers to gain access to credit card data outside of the token storage system. Implementation of tokenization will simplify the requirements storing credit card data since the credit card information is never stored by the merchant.

The User Profile feature allows the merchant to process returning customers without the need to store sensitive and confidential customer information on the merchant's server. Storing sensitive information requires secure servers, in addition to various certifications. The features include the ability to Add a Profile, Import a Profile, Update a Profile, and Delete a Profile for all your Check or Credit Card transactions.

Some features of using a Stored Profile for Tokenization:

Tokenization

Why should you enable Tokenization for your business?

The Merchant Profile was created for Merchants Such As:

Other Features of the Merchant Profile System:

PCI Compliance:

 

What Visa Says:

How Tokenization Works

Tokenization defines a process through which PAN data is replaced with a surrogate value known as a "token." The security of an individual token relies on properties of uniqueness and the infeasibility to determine the original PAN knowing only the surrogate value. As a reference or surrogate value for the original PAN, a token can be used freely by systems and applications within a merchant environment.
Where properly implemented, tokenization allows merchants to limit the storage of cardholder data to within the tokenization system, potentially simplifying an entity"™s assessment against the PCI DSS. As a reference or surrogate value for the original PAN, a token can be used by systems and applications within a merchant environment without having to consider the security implications associated with the use of cardholder data.
The security and robustness of a tokenization system is dependent upon the secure implementation of four critical components, and the overall management of the system and any historical data:

 

 

Best Practice

The following are best practices for use of tokenization technology to protect cardholder data:

1. Network Segmentation: The tokenization system must be adequately segmented from the rest of the network. The tokenization system must be deployed within a fully PCI DSS compliant environment and be subject to a full PCI DSS assessment.2. Authentication: Only authenticated entities shall be allowed access to the tokenization system.
3. Monitoring: The tokenization system must implement monitoring to detect malfunctions or anomalies and suspicious activities in token-to-PAN mapping requests. Upon detection, the monitoring system should alert administrators and actively block token-to requests or implement a rate limiting function to limit PAN data disclosure.
4. Token Distinguishability: The tokenization system must be able to identify and distinguish between tokenized and cleartext cardholder data and avoid the propagation of tokens to systems expecting cleartext cardholder data.Note: In accordance with the Visa Best Practices for Data Field Encryption, cardholder data must remain encrypted from the point where it enters an entity"™s system up to the point it is tokenized to achieve the full benefits of a tokenization solution.5. Token Generation: Knowing only the token, the recovery of the original PAN must not be computationally feasible. Token generation can be conducted utilizing either:

6. Single-use vs. Multi-use Tokens: Tokens can be generated as a single- or multi-use surrogate value, the choice of which depends largely on business processes:

Conclusion
Visa supports tokenization as a means of replacing Primary Account Numbers (PANs) with non-sensitive surrogate values (known as "tokens") to eliminate or reduce storage of cardholder data. Tokenization can be implemented independently or in concert with data field encryption for the protection of cardholder information. To support marketplace adoption of tokenization, Visa has developed best practices to assist merchants and other stakeholders in evaluating and adopting tokenization solutions. These best practices should be viewed as high level guidance to be considered for any such solution to assist stakeholders in the Visa payment system.

Token Sample Sale Code:

<form method=POST action="https://trans.secure-fastcharge.com/cgi-bin/process.cgi">
<input type=hidden name=action value="profile_sale">
<input type=text name=acctid value="">
<input type=text name=subid value="">
<input type=text name=userprofileid value="">
<input type=text name=last4digits value="">
<input type=text name=cvv2 value="">
<input type=text name=ci_email value="">
<input type=text name=ci_memo value="">
<input type=text name=merchantpin value="">
<input type=text name=merchantordernumber value="">
<input type=submit>
</form>

Profile Update Credit Card Sample Code:

<form method=POST action="https://trans.secure-fastcharge.com/cgi-bin/process.cgi">
<input type=hidden name=action value="profile_update">
<input type=text name=acctid value="">
<input type=text name=subid value="">
<input type=text name=userprofileid value="">
<input type=text name=last4digits value="">
<input type=text name=ccnum value="">
<input type=text name=expmon value="">
<input type=text name=expyear value="">
<input type=text name=accttype value="1″>
<input type=text name=ci_email value="">
<input type=text name=ci_memo value="">
<input type=text name=merchantpin value="">
<input type=text name=merchantordernumber value="">
<input type=submit>
</form>

Merchants interested in signing up for a Tokenization Payment Gateway account can contact us at 1-800-757-5453 for more information.

 

merchant-account-service

Get a Quick Quote:

payment processing
Copyright © Electronic Transfer, Inc. All Rights Reserved.

Electronic Transfer, Inc. is a Registered ISO/MSP of Westamerica Bank, Santa Rosa, CA.

Electronic Transfer, Inc. offers merchant accounts and credit card processing to accept Credit Cards. ETI has helped merchants with their Credit Card Processing since 1989 - This web page is about Merchant Accounts, Hypercom, Credit Card Processing, Virtual Terminals, Card-Swipe Terminals, VeriFone, Website Payment Processing, Secure Gateway, Wireless Credit Card Terminals and iPhone Credit Card Systems.