CipherTrust Tokenisation dramatically reduces the cost and effort required to comply with security policies and regulatory mandates like PCI DSS while also making it simple to protect other sensitive data including personally identifiable information (PII). While there are no tokenisation standards in the industry, most tokenisation solutions fall into one of two architectures: vaultless or vaulted tokenisation Both secure and anonymise sensitive assets. Tokenisation software can reside in the data centre, big data environments or the cloud.
If you are seeking a tokenisation solutions, consider:
Learn how tokenisation can be a valuable tool to aid in securing your digital transformation:
Efficiently Reduce PCI DSS Compliance Scope
Tokenisation can remove card holder data from PCI DSS scope with minimal cost and effort, enabling organisations to save on costs associated with compliance with the industry standard.
Conveniently Protect Personally Identifiable Information
Modern IT architectures require both use and protection of personally identifiable information (PII). With CipherTrust Tokenisation, PII protection is gained without encryption key management required by the software developer.
Foster Innovation Without Introducing Risk
Tokenise data and maintain control and compliance when moving data to the cloud or big data environments. Cloud providers have no access to token vaults or any of the keys associated with tokenisation root of trust.
Architect for Your Requirements: Vaultless or Vaulted and Cloud-Friendly
Both solutions leverage CipherTrust Manager as a secure encryption key source. All-software, cloud-friendly, is readily available, including with FIPS 140-2 Level 3 Root of Trust.
Vaultless Tokenisation with dynamic data masking offers format-preserving or random tokenisation to protect sensitive data. A RESTful API in combination with centralised management and services enables tokenisation with a single line of code per field. The service is provided by dedicated, distributed-cluster-capable CipherTrust Tokenisation Servers, delivering full separation of duties. Tokenisation management with convenient configuration workflows occurs in a graphical user interface. Simplicity results from the ability, with a few as just one line of code inserted into applications, to tokenise or detokenise with dynamic data masking.
Vaulted tokenisation CipherTrust Vaulted Tokenisation offers non-disruptive format-preserving tokenisation with a wide range of existing formats and the ability to define custom tokenisation formats. Data tokenisation can be applied directly on application servers on which the software is installed, or API requests from application to web servers on which tokenisation software is installed can be utilised for tokenisation. A full range of predefined tokenisation formats are provided with the distribution and customers can create additional formats.
Dynamic data masking capabilities
Tokenisation Server deployment form factors and options
Tokenisation Server deployment requirements