Analyzing the Security, Compliance and Cost Benefits of Tokenization

7 Pages Posted: 30 Apr 2009 Last revised: 7 May 2009

Date Written: April 30, 2009

Abstract

Tokenization has been billed as the magic data security bullet for retailers, offering strong protection for stored sensitive data and an attractive cost-saving strategy for achieving PCI compliance. The reported potential benefits are significant enough that other enterprises have begun seriously considering tokenization for inclusion in their own data security efforts. But does the technology live up to the hype? According to Protegrity’s Chief Technical Officer Ulf Mattsson, tokenization can provide measurable benefits when deployed as part of a risk-based holistic data security solution, but it’s not best suited for every business - in some cases, the expense and time spent fitting a system and applications for tokenization may outweigh the benefits.

In this Interview with the CTO, Mattsson examines the positive effects and potential drawbacks of tokenization and outlines the issues that retailers (and enterprises) should consider when weighing whether to deploy tokenization, as well as the system architecture, policies and procedures that should be implemented to get the best out of the technology.

Keywords: PCI DSS, tokenization, database, security, encryption

JEL Classification: C88

Suggested Citation

Mattsson, Ulf T., Analyzing the Security, Compliance and Cost Benefits of Tokenization (April 30, 2009). Available at SSRN: https://ssrn.com/abstract=1397242 or http://dx.doi.org/10.2139/ssrn.1397242

Ulf T. Mattsson (Contact Author)

Protegrity Corp. ( email )

One Cantebury Green
Stamford, CT 06901
United States

HOME PAGE: http://www.ulfmattsson.com

Do you have a job opening that you would like to promote on SSRN?

Paper statistics

Downloads
264
Abstract Views
1,328
Rank
226,275
PlumX Metrics