Increasingly, the solution that’s emerging is account tokenization. We recently sponsored a webinar featuring industry experts to discuss how account tokenization is transforming data security and paving the way to open banking. This panel included:
- Jeff Williams, SVP of Product Development, The Clearing House (TCH)
- Ginny Chappell, EVP, Product & Marketing, Moov Financial
- Lloyd Fernandes, VP, Product Management, Envestnet | Yodlee
- Chris Preimesberger, Contributing Writer, VentureBeat
Through a series of thought-provoking questions, the panel detailed how account tokens offer a highly secure way to retrieve, verify, and share data.
Tokens help reduce fraud and build trust
At its most basic, an account token is an alternative account identifier. A token service provider (TSP) takes sensitive data like a PIN as input, and generates a surrogate value or token as output. This data and the token itself are then stored in a token vault at the TSP.
The result: a merchant or independent software vendor (ISV) can store the token without worrying about the underlying sensitive data being exposed. And banks can turn off and re-tokenize in the case of fraud without the hassle or inconvenience of closing and re-opening an account. This helps foster trust and reputation.
Tokens provide friction-free transactions
Account tokens look like and are formatted like a real account. By virtue of that, token transactions are transparent and flow seamlessly through the network, whether it’s a fintech app, a corporate entity, or a biller.
Tokens go beyond conventional data security to protect against hackers and bad actors
A few years ago, the financial services industry turned to encryption to combat fraud. However, this method only secures data at rest, rendering it more vulnerable when it's decrypted to make a payment and passed along in the payment flow. An account token on the other hand, not only protects data at rest, but it also protects data in motion because, while a token looks and flows through the network just like a real account, it isn’t. If a hacker or a breach happens at any hop in the payment flow, it’s useless and can’t be used by an unauthorized party.
Tokens simplify account verification
Account verification requires a lot of compliance handling, as data has to be protected both at rest and in transit. This becomes a huge burden, as all the parties involved have to be sure to build the right infrastructure, conduct annual audits, etc. However, that burden goes away with account tokens because you're not saving sensitive information or even storing it in places where you don't need to.
Tokens prevent costly disruption
Fintechs, billers, apps, and other third parties can have their own unique token. This gives banks the option to turn off that individual token – if the bank recognizes that there’s fraud, or it no longer wants to do business with a certain app, fintech, etc. – without disrupting the entire payment industry by blocking the account as a whole.
Such simplicity is welcomed, as it typically costs more than $200 for a bank to close and reopen or reissue an account that’s been compromised, to say nothing of the inconvenience it causes for the customer as well.
View Webinar for More Insights
For the complete panel discussion on the benefits of tokenization – from how it creates a better user experience to how it boosts innovation and democratizes financial services – we invite you to watch this conversation and for a more in-depth look at our solutions, visit our payments page or reach out to schedule a call.