Blog

Understand the Difference Between EMV, Tokenization and Encryption

June 28, 2017

The way the payment processing industry has changed in the past few years may leave some merchants with a lot of questions thanks to the kind of technical jargon that is often associated with the emerging technologies.

 

The way the payment processing industry has changed in the past few years may leave some merchants with a lot of questions thanks to the kind of technical jargon that is often associated with the emerging technologies. However, it’s vital for merchants – regardless of their size or the specific industries in which they operate – to understand the differences between a few of these terms, and how each affects their options.

When implementing any kind of new process to handle card-based transactions, it’s vital for all merchants to follow industry-recommended best practices to ensure proper functionality and security.

It’s not always easy to understand the differences between EMV, encryption and tokenization, but putting in the time to research it may help merchants considerably boost their security.

The most common of the big changes in the credit card processing industry in the past few years is EMV, which relies on microchips embedded in a card to hold account data, according to the Electric and Gas Industries Association. In the past, this function was served by magnetic strips on the backs of cards, but EMV is more secure because the chips are far more difficult to copy and reproduce. The payment data from the card is encrypted so that it can only be read by a point-of-sale device, ensuring that card-present payment fraud is reduced at the point of sale.

There's more to payment security now than ever before.There’s more to payment security now than ever before.

So What’s the Difference Between EMV and Encryption?
While EMV relies on encryption, the latter is distinct because of the number of ways in which it can be employed, according to Merchant Link. For example, encryption can be used at the point of sale, but also at the point during which data is transmitted for the payment process as a whole. That helps to protect the information and ensure that, even if it is somehow intercepted, it cannot be decoded. Put another way, the payment data is encrypted at the point of sale, transmitted in a virtually uncrackable code, and only made readable again when it reaches its intended destination.

In addition, encryption can – and, according to security experts, should – be used to protect customer data when it’s simply being stored.

And What Does ‘Tokenization’ Mean?
Finally, tokenizing transactions creates a unique code for each purchase that – just like encryption – is effectively useless if intercepted during transmission of payment data, according to Digital Transactions. Specifically, the payment data including card numbers, expiration dates, and so on will be replaced with a random string of characters that cannot be decoded. Most often, tokenization can be commonly seen in mobile payments, which are starting to pick up steam as a preferred payment type among consumers and businesses alike.

The greater the effort merchants can undertake to ensure they understand all the payment security options available to them, the more likely they will be to make decisions that work best for not only themselves and their customers, but the entire payments ecosystem.

Back To Blog