Magensa TokenExchange Service
One of the key challenges organizations have today is keeping information private, be it personally identifiable information (PII), protected health information (PHI), credit card number/expiration date, or other important data. Magensa Tokenization Service is a vaultless, cloud-based solution that protects sensitive data by replacing it with a cryptographically secure token and an integrity hash. To generate and redeem tokens, the Magensa Tokenization Service is accessed through the Magensa Payment Protection Gateway (MPPG) or the Magensa Decrypt and Forward service.
Dynamic tokenization means a unique token is generated every time, which is much more secure than using a static token. Each token is dynamically generated using its own unique encryption key.
Unique, Vaultless Solution
Magensa’s Tokenization Service is vaultless, which means the customer maintains control (custodianship) of the data as an encrypted token.
Security and Key Management
Magensa’s encrypted tokens stand up to the most modern attacks and are resilient to quantum computer hacking techniques. Tokens are created using symmetric key encryption (AES/3DES) inside a hardware security module (HSM), with a derived unique key per transaction (DUKPT).
Magensa’s tokenization is delivered as Platform-as-a-Service (PaaS), a type of cloud computing service that provides a platform allowing customers to develop, run, and manage applications without the complexity of building and maintaining infrastructure typically associated with developing and launching an application.
Privatize All Sensitive Data
One of the key challenges today, both for individuals and corporations, is keeping information private to the owner(s) of that information. Sensitive data is any information that, when disclosed, can result in harm to an individual whose privacy has been compromised.
How It Works
- Sensitive data is sent to Magensa for token generation. Magensa creates tokens, encrypts them, and sends them back to the business to hold. When the tokenized sensitive data needs to be viewed or processed, the business sends the encrypted tokens to Magensa for decryption and return. Alternatively, the data can be securely forwarded to other endpoints, e.g., third-party processors.
Implementations and Applications
- In the payment environment:
  - A user account is set up to access the Magensa Payment Protection Gateway Service or Decrypt and Forward Service, and a request is made through these services to create and redeem tokens based on the payment application.
- In the non-payment environment:
  - A user account is set up to call the Token Web Service directly to intentionally perform Token Generation and Token Redemption operations.
|Compatible OS|Windows, iOS, Android|
|Compatible Devices|Secure card reader authenticators|