Planning for Tokenization

There are several options to consider before starting your AuricVault® tokenization service implementation:

  • Contents: What data will you store in each token?

  • Encryption Management: Will you let the service handle your encryption and key management (recommended), or will you encrypt the data yourself?

  • Integration Method: Will you tokenize from your server or a browser?

  • Retention Policy: How long will you maintain the tokenized data?

  • Permission Policy: How many different services, clients, or partners need to store and access the tokenized data?

  • Segmentation: How should you segment/classify your tokens with different access permissions?

Each token can contain up to 11,000 bytes of ASCII or UTF-8 encoded data. Tokens you intend to use with the Token Swap or Payments Passthrough features must contain only the cardholder account number (PAN). Binary data must first be encoded into a text format such as Base64 or Hexadecimal.