Upload File

tokenization-infographic-final

1
TOKENIZATION IS ONE INNOVATIVE TECHNOLOGY THAT BANKS USE TO PROTECT CUSTOMERS FROM FRAUD OTHER TECHNOLOGIES WAYS TO PAY EMV CHIP creates unique cryptogram for each transaction TOKENIZATION TECHNOLOGY ENCRYPTION Codes data so that only verified parties can read it Replaces sensitive customer account data with a secure alternative, or a token A token is a unique number that is useless if stolen Takes place instantly behind the scenes and requires no action by the customer Runs on payments systems that are in use today WHY USE TOKENIZATION? HOW ARE TOKENS ISSUED? = TOKEN USELESS TO THIEVES PERSONAL ACCOUNT NUMBER USABLE IF STOLEN When a customer makes a transaction, their account number passes through the network The network verifies the account information with the bank The network issues a token to replace the account number When paying—either via online purchase or tap-to-pay—the token goes to the Merchant The Merchant passes the token along to their Merchant Acquirer The Merchant Acquirer passes the token to the Network Once passed to the Network, the data is within the secure bank vault The Bank verifies funds and authorizes the transaction The authorization is passed to the Network and proceeds back to the Merchant Acquirer and to the Merchant The network consults its “Token Vault” to match the token with the customer’s account number CUSTOMER BANK MERCHANT ACQUIRER NETWORK TOKEN VAULT 1 2 3 4 5 The Network passes along the token and personal account number to the Bank 6 7 8 HOW DOES A TOKENIZED TRANSACTION WORK? TOKENS ARE USELESS IF STOLEN Tokens can be configured so that they are only good for transactions that fit specific criteria Even if the retailer systems are compromised, thieves can only get tokenized data. Since tokenized data is useless to a fraudster, the customer is protected despite the data breach. Although customers may not see it, banks are adopting many invisible technologies to protect against fraud. Tokenization is one technology that banks are using to protect customers when they pay online or with their smart phone. To learn more, visit aba.com/PaymentsandCyber. After a data breach, if a token is used elsewhere, the network can detect the token as stolen and will reject the fraudulent transaction. GOOD FOR A SET PERIOD OF TIME GOOD ONLY FROM A SPECIFIC RETAILER GOOD FOR ONLY A CERTAIN DOLLAR AMOUNT © 2015 American Bankers Association From the ABA Center for Payments and Cybersecurity 3 WAYS TO PAY ONLINE MOBILE OR WEB SMART PHONES NFC, QR, Bluetooth CARD 3 TYPES OF FRAUD 13 % 4 % LOST/STOLEN Fought by signature or pin OTHER Account data is used (primarily at online retailers) Fought by encryption and tokenization CARD NOT PRESENT 45 % COUNTERFEIT 38 % Card duplicated using account data Fought by both encryption and EMV

Upload: robert-morgan

Post on 15-Aug-2015

18 views

Category:

Documents


1 download

Report

TRANSCRIPT

Page 1: Tokenization-Infographic-FINAL

TOKENIZATION IS ONE INNOVATIVE TECHNOLOGY THAT BANKS USE TO PROTECT CUSTOMERS FROM FRAUD

OTHER TECHNOLOGIES

WAYS TO PAY

EMV CHIPcreates unique cryptogram for each transaction

TOKENIZATION TECHNOLOGY

ENCRYPTION Codes data so that only verified parties can read it

• Replaces sensitive customer account data with a secure alternative, or a token A token is a unique number that is useless if stolen

• Takes place instantly behind the scenes and requires no action by the customer

• Runs on payments systems that are in use today

WHY USE TOKENIZATION?

HOW ARE TOKENS ISSUED?

=TOKEN USELESS TO THIEVES

PERSONAL ACCOUNT NUMBER USABLE IF STOLEN

When a customer makes a transaction, their account number passes through the network

The network verifies the account information with the bank

The network issues a token to replace the account number

When paying—either via online purchase or tap-to-pay—the token goes to the Merchant

The Merchant passes the token along to their Merchant Acquirer

The Merchant Acquirer passes the token to the Network

Once passed to the Network, the data is within the secure bank vault

The Bank verifies funds and authorizes the transaction

The authorization is passed to the Network and proceeds back to the Merchant Acquirer and to the Merchant

The network consults its “Token Vault” to match the token with the customer’s account number

CUSTOMER

BANK

MERCHANT ACQUIRER NETWORK TOKEN VAULT

1 2 3 4 5

The Network passes along the token and personal account number to the Bank

678

HOW DOES A TOKENIZED TRANSACTION WORK?

TOKENS ARE USELESS IF STOLEN Tokens can be configured so that they are only good for transactions that fit specific criteria

Even if the retailer systems are compromised, thieves can only get tokenized data. Since tokenized data is useless to a fraudster, the customer is protected despite the data breach.

Although customers may not see it, banks are adopting many invisible technologies to protect against fraud. Tokenization is one technology that banks are using to protect customers when they pay online or with their smart phone.

To learn more, visit aba.com/PaymentsandCyber.

After a data breach, if a token is used elsewhere, the network can detect the token as stolen and will reject the fraudulent transaction.

GOOD FOR A SET PERIOD OF TIME

GOOD ONLY FROM A SPECIFIC RETAILER

GOOD FOR ONLY A CERTAIN DOLLAR AMOUNT

© 2015 American Bankers Association From the ABA Center for Payments and Cybersecurity

3 WAYS TO PAY

ONLINE MOBILE OR WEB

SMART PHONES NFC, QR, Bluetooth

CARD

3 TYPES OF FRAUD

13%4%

LOST/STOLEN Fought by

signature or pin

OTHER

Account data is used (primarily at online retailers)

Fought by encryption and tokenization

CARD NOT PRESENT45%

COUNTERFEIT 38%

Card duplicated using account data

Fought by both encryption and EMV

http://www.aba.com/Tools/Function/Pages/center-payments-cybersecurity.aspx

Leading Edge Infographic final

Gartner infographic final

Final Infographic

Tokenization Pci

TICB infographic FINAL

Liberis infographic 2 final

Info govgap infographic final

Ns Search Infographic FINAL

Wpr 2013 infographic final

2015 Reap Infographic-Final

FINAL infographic PRINTpdf

IPN Superhero Infographic Final

Final milk production infographic 2014

Final - Infographic

NetApp IDC Infographic Final

¹‚ครงการบริการ... · 2. Infographic + Basic Infographic • reference • infographic "Workshop + Presentation" • Infographic Icon, vector art Final work

Tokenization Guidelines

Infographic final

Acs Infographic 9_16 Final

DUFL Infographic- Final 11.3

ATIC F1 INFOGRAPHIC FINAL

Infographic: Mobile the Final Frontier

Infographic jae final

Infographic vaccination final

FINAL Hilton Diamond Infographic

Silica infographic final - LHSFNA

Barcode History Infographic FINAL

Final Cold Calling Infographic

29397 SurfaceMarketingH2Scotland infographic FINAL

Final Tea Infographic

Tokenization Whitepaper

Creative effectiveness-infographic-final

Wimbledon Infographic Final

Agents survey-infographic 2014 final

Business Intelligence In Cloud Computing A Tokenization Approach Final