A new report published by Research and Markets predicts the global tokenization market will hit $2.25 billion by 2020 with a Compound Annual Growth Rate (CAGR) of 22.4%.
“The constant pressure of managing sensitive data of consumers, along with the need to manage stringent compliances, has led enterprises of all sizes to adopt tokenization solutions for critical information protection,” Research and Markets analysts stated in a recent press release.
“Moreover, cloud-based deployment is gaining high traction in the market, as it requires less capital investment, helps decrease operational and maintenance costs, and reduces the management’s efforts. Cloud tokenization solutions are available according to customer’s demand, wherein a customer can start or stop any service, at will.”
As Research and Markets analysts explain, tokenization solutions essentially replace payment card data with a unique token, allowing organizations to comply with both the Payment Card Industry Data Security Standard (PCI DSS) and Health Insurance Portability and Accountability Act (HIPAA). To be sure, versatile tokenization solutions can be used for payment security, user authentication, and compliance management.
According to Research and Markets, the payment security application space is projected to dominate the tokenization sphere and contribute the largest market share during the forecast period (2017-2022) discussed in the above-mentioned report. Moreover, it is expected to play a key role in altering the tokenization market landscape while growing at the highest rate – as the demand for payment security increases due to a growing eCommerce sector and digitization in the healthcare industry.
As we’ve previously discussed on Rambus Press, tokenization is a payment security technology that replaces cardholder information, such as account numbers and expiration dates, with a unique digital identifier (a “token”) that can be used for payment without exposing a cardholder’s more sensitive account information. Essentially, this means tokenized data is worthless if obtained by fraudsters, as it simply acts as a reference for a consumer’s original card data – which only the card networks and/or the consumer’s bank can map back to the original account.
A detailed view of the tokenization process is outlined below:
- A payment token is generated from the cardholder’s primary account number (PAN). For security reasons, tokens can be restricted to one use and/or a specific domain (contactless mobile transaction, a merchant’s online website, etc.), for example. The token is then sent to the token vault, a PCI-SSC compliant environment.
- Tokens are loaded onto the user’s mobile device as part of the virtual card profile.
- The NFC device makes a payment at a merchant’s contactless point-of-sale (POS) terminal using the token as the card number.
- The POS terminal sends the token to the acquiring bank, which relays it to the issuing bank via the payment network.
- The issuer de-tokenizes the token to the real PAN and, if matched, approves the payment.
- The response from the card issuer is returned to the POS terminal using the token as the card reference.
Interested in learning more about tokenization? You can find out more about Rambus’ mobile payments product portfolio, which includes a number of tokenization solutions, and download our eBook on the subject below.