PCI tokenization document mirrors the Visa Best Practices for Tokenization
The long-awaited PCI DSS Tokenization Guidelines outline how tokens can be used in merchant systems and ways to properly deploy the technology, which substitutes tokens in place of primary account numbers (PANs) to limit the movement of cardholder data in the environment. A properly deployed system in certain merchant environments can “potentially” reduce the merchant’s effort to implement PCI DSS requirements, according to the report.
The tokenization document mirrors the Visa Best Practices for Tokenization report, which was issued last summer. Tokens used within merchant analytical systems and payment applications may not need the same level of security protection.