By Dane Ashworth
Credit card tokenization has been around for several years but few companies have implemented or understand how the process works. Credit cards that are processed natively within your software systems typically write the credit card information into their database and then send it out for approval through the payment gateway. The credit card number is typically encrypted since it is stored in your database. Encryption solves the problem of a hacker stealing a copy of your database, backup file or tape and consequently gaining access to the raw credit card information. However it doesn’t solve the issue of a malicious employee who has access to the credit card data as a part of their day-to-day job duties. Users need access to the credit card information on file in an unencrypted format in order to pass the number up to the payment gateway for approval.