We notice you are visiting from a U.S. Internet provider. 
05/03/2010 -
Tokenization has seen a good deal of attention in recent months, as it presents a way for merchants to improve their payment processing security while also potentially reducing PCI compliance costs. Yet it may complicate other aspects of a business, reported SearchSecurity.com.Experts told the IT security news provider that tokenization can be an effective security measure, both because of how it disguises payment processing data and how it centralizes cardholder information. "Tokenization fits in as a strategy of shrinking the size of cardholder data environment and minimizing the scope of the assessment," John Pescatore, vice president and analyst at IT research firm Gartner, told the website.
However, tokenization may present difficulties for other business departments, ones that depend on customer purchase information. For example, those responsible for inventory need to identify customer buying habits, as do marketing departments.
The article also cites a lack of standards as potentially problematic for tokenization implementations.
Standards are expected to be forthcoming, however, as PricewaterhouseCoopers recently conducted a study analyzing the security and implementation feasibility of different payment processing security technologies, of which tokenization was included. The report was passed on to the PCI Security Standards Council, which will use it to explore the role of tokenization and other new technology for potential inclusion in the upcoming new version of the PCI DSS.
