Tokenization: Vault based Vs Vault-less

Tokenization means generating a random number as an alternative for a Credit card (PAN) number. The random number can be a Numeric/Non-numeric. It is in such a format that others cannot decode it.   
***
The popular tokenization server is the Vault server. It generates a random Token for each transaction customer made at Merchant outlets. You can find how card numbers masked with junk characters in the pdf provided. Here is the Visa Security Tokenization Pdf.


Vault based Vs Vault-less


Two Top Tokenization Servers.

  1. Vault based server
  2. Vault-less server
    What is Tokenization?



    1. Vault based server

    It stores a Card number (PAN) and a Token in a Table of the Teradata database as Key and value pair. Due to the growing volume of transactions, the handling of the database became a big challenge for acquirers. 

    For each transaction, the vault server stores a record. That row contains both the Credit card number and its Token. When you use the same card multiple times, it generates different Tokens.  It is the basic concept of any Token server.  


    The tokenization process


    2. Vault-less Server.


    The Vault-less server is much faster. It generates random numbers based on the Split-algorithm logic. So decoding is harder. For each credit card transaction, it generates a new token.


    Moreover, it does not store card numbers and tokens. It generates both numeric or alphanumeric Tokens. Here is the list of top differences between the Vault and Vaultless server.


    The principle behind this is to generate a random number and send it out.


    Comments

    1. Hello Srini

      Just read your article on vault -v- vaultless, this question can only be answered depending on the vault itself - was it built to be scalable? Does it store every transaction? Quite simply no it does not, but like i say it all depends on how the vault was built. Is it more secure than vaultless - definately.

      ReplyDelete
      Replies
      1. Vault-less is reversible security method that replaces sensitive data with fake data that looks and feels just like the real thing. So vault-less is advanced than Vault.

        Delete

    Post a Comment

    Thanks for your message. We will get back you.

    Popular posts from this blog

    How to Fix Python Syntax Errors Quickly

    7 AWS Interview Questions asked in Infosys, TCS

    Hyperledger Fabric: 20 Real Interview Questions