{"id":4253,"date":"2013-08-26T18:28:20","date_gmt":"2013-08-26T22:28:20","guid":{"rendered":"http:\/\/www.iri.com\/blog\/?p=4253"},"modified":"2017-11-06T12:39:09","modified_gmt":"2017-11-06T17:39:09","slug":"tokenization-fieldshield","status":"publish","type":"post","link":"https:\/\/beta.iri.com\/blog\/data-protection\/tokenization-fieldshield\/","title":{"rendered":"PCI Tokenization in FieldShield"},"content":{"rendered":"<p>Submitting one&#8217;s credit card details electronically can be disconcerting (e.g., via physical scanner or internet purchase). The personally identifiable information it contains can lead to fraudulent charges, identify theft, and so on.<\/p>\n<p>To provide better security, a standard was made to protect users when providing credit card numbers online. This standard is called the Payment Card Industry Data Security Standard, or PCI DSS. This is a global standard and requires that any business must adhere to its rules if they would store, process, transmit cardholder data, and\/or accept payment cards. <a href=\"http:\/\/www.iri.com\/blog\/data-protection\/fieldshield-pcidss\/\" target=\"_blank\" rel=\"noopener\">Encryption<\/a> of the credit card or &#8216;Primary Account Number &#8216; (PAN) is one way to comply with PCI DSS; another is tokenization.<\/p>\n<p>In an effort to make the tokenized numbers more secure, IRI uses Open Database Connectivity (ODBC) to control the database. Doing this allows Windows Authentication NT to be used when logging into a database. IRI advises that Windows Authentication, instead of SQL Server Authentication, be chosen as the access method for the database that holds the card numbers. Using Windows Authentication allows the creator of the SQL Database to specify which users are allowed to access the database with their Windows login information.<\/p>\n<p>Tokenization is similar to encryption, but does not mask based on the original PAN. Instead, it uses other methods such as a random salt or an index to mask \u00a0PAN values by substituting the original PAN with a token value. The advantage of tokens is their uniqueness. When a token is created, it is only used in one location, thus eliminating the possibility of \u00a0multiple sources using that same token. With encryption, the PAN is transformed through an algorithm and still holds the original data.<\/p>\n<p>IRI has created a new function in the <a href=\"http:\/\/www.iri.com\/products\/fieldshield\" target=\"_blank\" rel=\"noopener\">FieldShield<\/a> data masking product\u00a0for those wishing to tokenize credit card (or other) values. In the PCI DSS context, the only requirement is a 16-digit card number. The\u00a0tokenization function is ODBC compliant, and can be configured to work with any SQL database.<\/p>\n<p style=\"text-align: center;\"><img loading=\"lazy\" decoding=\"async\" class=\" wp-image-4260 aligncenter\" src=\"http:\/\/www.iri.com\/blog\/wp-content\/uploads\/2013\/08\/Flowchart.gif\" alt=\"Flowchart\" width=\"530\" height=\"311\" \/><\/p>\n<p>The above flowchart illustrates how tokenization control flow works. Input consists of a 16-digit PAN that can be a literal value, or one that is passed from a file. An example of the script that can be called to use the tokenization function would be:<\/p>\n<pre><code>\/FIELD=(FIELDDATA=pci_assign_token(CardNumber), TYPE=ASCII, POSITION=1, SEPARATOR=\"\\n\")<\/code><\/pre>\n<p>In the example above, the only parameter for the function call is <em>CardNumber<\/em>,\u00a0a string consisting of 16 numbers.<\/p>\n<p>The function checks the assigned database for the card number. If it is not present, the card number is tokenized, inserted into the database, and then passed back to FieldShield. Similarly, if the card number is found in the database, the corresponding tokenized number is passed back to FieldShield, also allowing the user to write the tokenized values to a file.<\/p>\n<p>Additional functions, like <a href=\"http:\/\/www.iri.com\/solutions\/data-masking\/encryption\/format-preserving-encryption\" target=\"_blank\" rel=\"noopener\">format-preserving encryption<\/a>, can also be implemented automatically in the FieldShield context ahead of tokenization for an additional level of security in the token vault \/ database, or after de-tokenization to protect the PAN clear-text from &#8220;unauthorized&#8221; recipients.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Submitting one&#8217;s credit card details electronically can be disconcerting (e.g., via physical scanner or internet purchase). The personally identifiable information it contains can lead to fraudulent charges, identify theft, and so on. To provide better security, a standard was made to protect users when providing credit card numbers online. This standard is called the Payment<\/p>\n<div><a class=\"btn-filled btn\" href=\"https:\/\/beta.iri.com\/blog\/data-protection\/tokenization-fieldshield\/\" title=\"PCI Tokenization in FieldShield\">Read More<\/a><\/div>\n","protected":false},"author":20,"featured_media":11728,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"_exactmetrics_skip_tracking":false,"_exactmetrics_sitenote_active":false,"_exactmetrics_sitenote_note":"","_exactmetrics_sitenote_category":0,"footnotes":""},"categories":[8],"tags":[14,203,9,399,400,148,149,401,342],"class_list":["post-4253","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-data-protection","tag-data-masking","tag-encryption","tag-fieldshield","tag-pci","tag-pci-dss","tag-personally-identifiable-information","tag-pii","tag-sql-database","tag-tokenization"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v23.3 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>PCI Tokenization in FieldShield - IRI<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/beta.iri.com\/blog\/data-protection\/tokenization-fieldshield\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"PCI Tokenization in FieldShield - IRI\" \/>\n<meta property=\"og:description\" content=\"Submitting one&#8217;s credit card details electronically can be disconcerting (e.g., via physical scanner or internet purchase). The personally identifiable information it contains can lead to fraudulent charges, identify theft, and so on. To provide better security, a standard was made to protect users when providing credit card numbers online. This standard is called the PaymentRead More\" \/>\n<meta property=\"og:url\" content=\"https:\/\/beta.iri.com\/blog\/data-protection\/tokenization-fieldshield\/\" \/>\n<meta property=\"og:site_name\" content=\"IRI\" \/>\n<meta property=\"article:published_time\" content=\"2013-08-26T22:28:20+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2017-11-06T17:39:09+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/beta.iri.com\/blog\/wp-content\/uploads\/2013\/08\/credit-card-locked.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"847\" \/>\n\t<meta property=\"og:image:height\" content=\"567\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Zachary McHenry\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Zachary McHenry\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/beta.iri.com\/blog\/data-protection\/tokenization-fieldshield\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/beta.iri.com\/blog\/data-protection\/tokenization-fieldshield\/\"},\"author\":{\"name\":\"Zachary McHenry\",\"@id\":\"https:\/\/beta.iri.com\/blog\/#\/schema\/person\/78eba25b0948cc80568f172c56e99745\"},\"headline\":\"PCI Tokenization in FieldShield\",\"datePublished\":\"2013-08-26T22:28:20+00:00\",\"dateModified\":\"2017-11-06T17:39:09+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/beta.iri.com\/blog\/data-protection\/tokenization-fieldshield\/\"},\"wordCount\":500,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/beta.iri.com\/blog\/#organization\"},\"image\":{\"@id\":\"https:\/\/beta.iri.com\/blog\/data-protection\/tokenization-fieldshield\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/beta.iri.com\/blog\/wp-content\/uploads\/2013\/08\/credit-card-locked.jpg\",\"keywords\":[\"data masking\",\"encryption\",\"FieldShield\",\"PCI\",\"PCI DSS\",\"personally identifiable information\",\"PII\",\"SQL database\",\"tokenization\"],\"articleSection\":[\"Data Masking\/Protection\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/beta.iri.com\/blog\/data-protection\/tokenization-fieldshield\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/beta.iri.com\/blog\/data-protection\/tokenization-fieldshield\/\",\"url\":\"https:\/\/beta.iri.com\/blog\/data-protection\/tokenization-fieldshield\/\",\"name\":\"PCI Tokenization in FieldShield - IRI\",\"isPartOf\":{\"@id\":\"https:\/\/beta.iri.com\/blog\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/beta.iri.com\/blog\/data-protection\/tokenization-fieldshield\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/beta.iri.com\/blog\/data-protection\/tokenization-fieldshield\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/beta.iri.com\/blog\/wp-content\/uploads\/2013\/08\/credit-card-locked.jpg\",\"datePublished\":\"2013-08-26T22:28:20+00:00\",\"dateModified\":\"2017-11-06T17:39:09+00:00\",\"breadcrumb\":{\"@id\":\"https:\/\/beta.iri.com\/blog\/data-protection\/tokenization-fieldshield\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/beta.iri.com\/blog\/data-protection\/tokenization-fieldshield\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/beta.iri.com\/blog\/data-protection\/tokenization-fieldshield\/#primaryimage\",\"url\":\"https:\/\/beta.iri.com\/blog\/wp-content\/uploads\/2013\/08\/credit-card-locked.jpg\",\"contentUrl\":\"https:\/\/beta.iri.com\/blog\/wp-content\/uploads\/2013\/08\/credit-card-locked.jpg\",\"width\":847,\"height\":567,\"caption\":\"Credit Card Security, secure tradeing\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/beta.iri.com\/blog\/data-protection\/tokenization-fieldshield\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/beta.iri.com\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"PCI Tokenization in FieldShield\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/beta.iri.com\/blog\/#website\",\"url\":\"https:\/\/beta.iri.com\/blog\/\",\"name\":\"IRI\",\"description\":\"Total Data Management Blog\",\"publisher\":{\"@id\":\"https:\/\/beta.iri.com\/blog\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/beta.iri.com\/blog\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/beta.iri.com\/blog\/#organization\",\"name\":\"IRI\",\"url\":\"https:\/\/beta.iri.com\/blog\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/beta.iri.com\/blog\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/beta.iri.com\/blog\/wp-content\/uploads\/2019\/02\/iri-logo-total-data-management-small-1.png\",\"contentUrl\":\"https:\/\/beta.iri.com\/blog\/wp-content\/uploads\/2019\/02\/iri-logo-total-data-management-small-1.png\",\"width\":750,\"height\":206,\"caption\":\"IRI\"},\"image\":{\"@id\":\"https:\/\/beta.iri.com\/blog\/#\/schema\/logo\/image\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\/\/beta.iri.com\/blog\/#\/schema\/person\/78eba25b0948cc80568f172c56e99745\",\"name\":\"Zachary McHenry\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/beta.iri.com\/blog\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/f783b98096dabe202c36c6ab81417f89?s=96&d=blank&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/f783b98096dabe202c36c6ab81417f89?s=96&d=blank&r=g\",\"caption\":\"Zachary McHenry\"},\"sameAs\":[\"http:\/\/www.iri.com\"],\"url\":\"https:\/\/beta.iri.com\/blog\/author\/zachm\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"PCI Tokenization in FieldShield - IRI","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/beta.iri.com\/blog\/data-protection\/tokenization-fieldshield\/","og_locale":"en_US","og_type":"article","og_title":"PCI Tokenization in FieldShield - IRI","og_description":"Submitting one&#8217;s credit card details electronically can be disconcerting (e.g., via physical scanner or internet purchase). The personally identifiable information it contains can lead to fraudulent charges, identify theft, and so on. To provide better security, a standard was made to protect users when providing credit card numbers online. This standard is called the PaymentRead More","og_url":"https:\/\/beta.iri.com\/blog\/data-protection\/tokenization-fieldshield\/","og_site_name":"IRI","article_published_time":"2013-08-26T22:28:20+00:00","article_modified_time":"2017-11-06T17:39:09+00:00","og_image":[{"width":847,"height":567,"url":"https:\/\/beta.iri.com\/blog\/wp-content\/uploads\/2013\/08\/credit-card-locked.jpg","type":"image\/jpeg"}],"author":"Zachary McHenry","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Zachary McHenry","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/beta.iri.com\/blog\/data-protection\/tokenization-fieldshield\/#article","isPartOf":{"@id":"https:\/\/beta.iri.com\/blog\/data-protection\/tokenization-fieldshield\/"},"author":{"name":"Zachary McHenry","@id":"https:\/\/beta.iri.com\/blog\/#\/schema\/person\/78eba25b0948cc80568f172c56e99745"},"headline":"PCI Tokenization in FieldShield","datePublished":"2013-08-26T22:28:20+00:00","dateModified":"2017-11-06T17:39:09+00:00","mainEntityOfPage":{"@id":"https:\/\/beta.iri.com\/blog\/data-protection\/tokenization-fieldshield\/"},"wordCount":500,"commentCount":0,"publisher":{"@id":"https:\/\/beta.iri.com\/blog\/#organization"},"image":{"@id":"https:\/\/beta.iri.com\/blog\/data-protection\/tokenization-fieldshield\/#primaryimage"},"thumbnailUrl":"https:\/\/beta.iri.com\/blog\/wp-content\/uploads\/2013\/08\/credit-card-locked.jpg","keywords":["data masking","encryption","FieldShield","PCI","PCI DSS","personally identifiable information","PII","SQL database","tokenization"],"articleSection":["Data Masking\/Protection"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/beta.iri.com\/blog\/data-protection\/tokenization-fieldshield\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/beta.iri.com\/blog\/data-protection\/tokenization-fieldshield\/","url":"https:\/\/beta.iri.com\/blog\/data-protection\/tokenization-fieldshield\/","name":"PCI Tokenization in FieldShield - IRI","isPartOf":{"@id":"https:\/\/beta.iri.com\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/beta.iri.com\/blog\/data-protection\/tokenization-fieldshield\/#primaryimage"},"image":{"@id":"https:\/\/beta.iri.com\/blog\/data-protection\/tokenization-fieldshield\/#primaryimage"},"thumbnailUrl":"https:\/\/beta.iri.com\/blog\/wp-content\/uploads\/2013\/08\/credit-card-locked.jpg","datePublished":"2013-08-26T22:28:20+00:00","dateModified":"2017-11-06T17:39:09+00:00","breadcrumb":{"@id":"https:\/\/beta.iri.com\/blog\/data-protection\/tokenization-fieldshield\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/beta.iri.com\/blog\/data-protection\/tokenization-fieldshield\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/beta.iri.com\/blog\/data-protection\/tokenization-fieldshield\/#primaryimage","url":"https:\/\/beta.iri.com\/blog\/wp-content\/uploads\/2013\/08\/credit-card-locked.jpg","contentUrl":"https:\/\/beta.iri.com\/blog\/wp-content\/uploads\/2013\/08\/credit-card-locked.jpg","width":847,"height":567,"caption":"Credit Card Security, secure tradeing"},{"@type":"BreadcrumbList","@id":"https:\/\/beta.iri.com\/blog\/data-protection\/tokenization-fieldshield\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/beta.iri.com\/blog\/"},{"@type":"ListItem","position":2,"name":"PCI Tokenization in FieldShield"}]},{"@type":"WebSite","@id":"https:\/\/beta.iri.com\/blog\/#website","url":"https:\/\/beta.iri.com\/blog\/","name":"IRI","description":"Total Data Management Blog","publisher":{"@id":"https:\/\/beta.iri.com\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/beta.iri.com\/blog\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/beta.iri.com\/blog\/#organization","name":"IRI","url":"https:\/\/beta.iri.com\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/beta.iri.com\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/beta.iri.com\/blog\/wp-content\/uploads\/2019\/02\/iri-logo-total-data-management-small-1.png","contentUrl":"https:\/\/beta.iri.com\/blog\/wp-content\/uploads\/2019\/02\/iri-logo-total-data-management-small-1.png","width":750,"height":206,"caption":"IRI"},"image":{"@id":"https:\/\/beta.iri.com\/blog\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/beta.iri.com\/blog\/#\/schema\/person\/78eba25b0948cc80568f172c56e99745","name":"Zachary McHenry","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/beta.iri.com\/blog\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/f783b98096dabe202c36c6ab81417f89?s=96&d=blank&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/f783b98096dabe202c36c6ab81417f89?s=96&d=blank&r=g","caption":"Zachary McHenry"},"sameAs":["http:\/\/www.iri.com"],"url":"https:\/\/beta.iri.com\/blog\/author\/zachm\/"}]}},"jetpack_featured_media_url":"https:\/\/beta.iri.com\/blog\/wp-content\/uploads\/2013\/08\/credit-card-locked.jpg","_links":{"self":[{"href":"https:\/\/beta.iri.com\/blog\/wp-json\/wp\/v2\/posts\/4253"}],"collection":[{"href":"https:\/\/beta.iri.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/beta.iri.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/beta.iri.com\/blog\/wp-json\/wp\/v2\/users\/20"}],"replies":[{"embeddable":true,"href":"https:\/\/beta.iri.com\/blog\/wp-json\/wp\/v2\/comments?post=4253"}],"version-history":[{"count":35,"href":"https:\/\/beta.iri.com\/blog\/wp-json\/wp\/v2\/posts\/4253\/revisions"}],"predecessor-version":[{"id":11729,"href":"https:\/\/beta.iri.com\/blog\/wp-json\/wp\/v2\/posts\/4253\/revisions\/11729"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/beta.iri.com\/blog\/wp-json\/wp\/v2\/media\/11728"}],"wp:attachment":[{"href":"https:\/\/beta.iri.com\/blog\/wp-json\/wp\/v2\/media?parent=4253"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/beta.iri.com\/blog\/wp-json\/wp\/v2\/categories?post=4253"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/beta.iri.com\/blog\/wp-json\/wp\/v2\/tags?post=4253"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}