TOKENIZATION AND ENCRYPTION
StrongKey tokenization and encryption protects sensitive application-level data.
Protecting Sensitive Information
Protecting the privacy of personal account numbers (PANs) and personally identifiable information (PII) is critical to complying with privacy standards such as GDPR, HIPAA, and PCI DSS. StrongKey Tellaro uses tokenization, encryption, cryptographic key management, and ANSI Derived Unique Key Per Transaction (DUKPT) to ensure sensitive information is handled securely and never stored in cleartext.
What is Tokenization?
Tokenization is the process of turning a valuable piece of data, such as a PAN or PII, into a random string of characters called a token that has no value if stolen. StrongKey Tellaro uses tokenization and encryption to generate tokens representing the real data that can be stored safely in a data repository, such as a database, without the risk of exposing private data to malicious insiders or outsiders. Sitting between the customer's application and database, StrongKey Tellaro encrypts and decrypts the data without storing any unencrypted data.
Application Level Encryption and Strong Authentication
Application Level Encryption and Strong Authentication (ALESA) combines StrongKey's capabilities in tokenization, encryption, cryptographic key management and FIDO strong authentication to protect data and ensure the highest level of authentication assurance. StrongKey provides an end-to-end approach to security where strong authentication is the first line of defense, and tokenization and encryption are the last lines of defense.
StrongKey Also Handles PKI Management
Our PKI Management software module provides secure key and certificate generation, storage, and management. Including an onboard root CA and HSM, our Tellaro-E appliance meets FIPS 140-2 Level 3 compliance standards. We allow financial providers to securely manage keys and digital certificates for TLS, digital signatures, authentication, machine identities, secrets vaults, and IoT devices.
TOKENIZATION AND ENCRYPTION BENEFITS
PCI DSS Compliance
Accelerates compliance with the toughest PCI DSS requirements:
3.4–Render PAN unreadable
3.5–Protect cryptographic keys
3.6–Implement key management
4.1–Use strong cryptography
4.2–Never send unencrypted PANs
3.5–Protect cryptographic keys
3.6–Implement key management
4.1–Use strong cryptography
4.2–Never send unencrypted PANs
Industry Standard Support
Base Derivation Key (BDK)
Symmetric/Asymmetric Key ManagementANSI X9.24-1:2009 Derived Unique Key per Transaction (DUKPT)
End-to-end encryption for “card-present” transactions
Protect data and personal identification numbers (PINs)
Escrow RSA public keys for devices
Symmetric/Asymmetric Key ManagementANSI X9.24-1:2009 Derived Unique Key per Transaction (DUKPT)
End-to-end encryption for “card-present” transactions
Protect data and personal identification numbers (PINs)
Escrow RSA public keys for devices
Broad Integration
Supports integration with databases, payment gateways, POS credit card terminals
Hardware-based Cryptoprocessor
Standard FIPS 140-2 Level-2 TPM or optional FIPS 140-2 Level-3 HSM to provide the most secure environments for master keys.
STRONGKEY SECURITY SOLUTIONS
StrongKey Tellaro is a comprehensive software suite that provides strong authentication, encryption, tokenization, PKI management, and digital signature management. Our open-source software includes a FIDO® Certified FIDO2 server, and we support flexible data center and cloud deployment models.
ENCRYPTION OPTIONS
Physical Appliance
- Encryption and Tokenization is a standard feature of the StrongKey Tellaro appliance
- The Tellaro appliance does so much more than just encryption and tokenization—it's your one-stop shop for for strong authentication, key management, PKI, and several other disruptive defenses
- Tellaro appliances protect cryptographic keys with either a TPM or HSM
StrongKey Hosted Solution
- For the best of both worlds, use the Tellaro appliances but let us manage them for you
- Stored in our secure data centers around the globe, you pay a simple all-inclusive subscription
WHY STRONGKEY?
- Hardware-based Security
StrongKey Tellaro supports the highest levels of authentication assurance based on NIST guidance; additionally, our appliance uses an onboard FIPS 140-2 Level 2 validated cryptographic hardware module in the form of a trusted platform module (TPM) as a standard feature—with the option to configure it with a hardware security module (HSM) for FIPS 140-2 Level 3 compliance—providing some of the highest protection available for key generation, use and storage - Cost-effective
Our solutions are sold with no per-user or per-transaction fees; we also offer custom integration and professional services - Integration and Support
We provide integration and support services for FIDO testing, development, and production; PKI device on-boarding and provisioning; PCI DSS compliance and system integration; and customized support services for enterprise and SMBs - Open Source
StrongKey is committed to the open-source community. Our software is available for free download on GitHub and SourceForge via the GNU Lesser General Public v2.1 License; StrongKey provides full support, maintenance, and upgrades for purchased versions of our software - Experience
StrongKey has been helping Fintech companies for more than 15 years; see our customer testimonies below
TOKENIZATION EXPLAINED
