SYDNEY & MELBOURNE, AUSTRALIA
AwareIT

Data Tokenization helps enhance your Cyber Security Resiliance

The Facts

image2

Some Statistics

Identity theft accounted for 69% of all data breaches. 

• US $20 is the average price for a stolen identity record.  

Despite 45% of American companies that had a ransomware breach paying-off the hackers only 26% of them had their data released. 

A Data breach is one of the top 3 causes of brand damage.

Tokenization removes the ability to use data when a network is breach 


image3

2018 Costs of a Breach

•  US $148 cost per Stolen Record Global Average

•  $233 per Capita Cost in the U.S.

•  $7.9M per Data Breach in the U.S.

•  $4.2M lost business


source: Ponemon 2018 Cost of a Data Breach

image4

Data Breach by the Numbers

• 1 out of 4 will experience a breach

• 668 Data Breaches in U.S. in 2018

• 22.4MM Compromised Records


source: Statista

WHAT'S THE DIFFERENCE BETWEREN ENCRYPTION AND TOKENIZATION

image5

 Tokenization and encryption are often mentioned together as means to secure information when it’s being transmitted on the Internet or stored at rest. In addition to helping to meet your organization’s own data security policies, they can both help satisfy regulatory requirements such as those under PCI DSS, EU GDPR or the Australian Privacy Act and Regulations.

  

While tokenization and encryption are both effective data obfuscation technologies, they are not the same thing, and they are not interchangeable - and of course you can  use both in your efforts to protect your data.  Each technology has its own strengths and weaknesses, and based on these, one or the other should be the preferred method to secure data under different circumstances. In some cases, such as with electronic payment data, both encryption and tokenization are used to secure the end-to-end process.

Encryption

  •  Mathematically transforms plain text into cipher text using an encryption algorithm and key 
  •  Scales to large data volumes with just the use of a single (preferable complex) encryption key to decrypt data
  •  Used for structured fields, as well as unstructured data such as entire files
  •  Ideal for exchanging sensitive data with third parties who have the encryption key
  •  Original data leaves the organization, but in encrypted form 
  • Can be de-crypted by brute force with some effort

Tokenization

  • Randomly generates a token value for plain text and stores the mapping in a database and can't be reversed (decrypted)
  •  Difficult to scale and maintain performance as database increases in size 
  •  Ideally suited for structured data fields such as payment card details, Tax File number, etc.
  •  Difficult to exchange data since it requires direct access to a token vault mapping token values (but that also means impossible to steal!)
  •  Format can be maintained without any diminished strength of the security 
  •  Can be setup so that original data is never stored on  the organization systems, simplifying  certain compliance requirements 

Why Tokenize Your Data

  • Removes the risk of losing sensitive data if there is a network comprise, “ No Data, No Theft “.
  • No data loss removes the need to report data breaches, under mandatory data breach reporting legislation, protecting brand image and reputation.
  • Reduce PCI DSS compliance audit scope.  Tokenization can be performed at the point of sensitive data capture.

Experts in Tokenization as a Service Integration

  • Seamless Integration & Implementation
  • Dedicated Project Manager and Architect
  • Data Conversion Plan and Templates
  • End-to-end Testing
  • 24 x 7 x 365 Support
  • Post-implementation Support

Omni-channel Integrations

  •  ERP
  • eCommerce
  • Mobile
  • Call Centre
  • Batch / EDI
  • P2Pe
  • Legacy Systems
  • Web Services

Capabilities

  • Data Vaulting
  • Custom Token Schemes
  • Tokenize any Dataset
  • Encryption and Key Management
  • Payment Gateway Integration
  • Fraud Detection Integration
  • Automated Clearing House Provider Integration
  • Financial Institution Integration

Experience in all industries

  •  Healthcare
  •  Insurance
  •  eCommerce
  • Fintech & Financial Institutions


  • Marketing,  Retail
  •  Hospitality
  •  Booking, Travel & Ticketing
  •  Accounting Services

The PersonaLlY Identifiable information (PII) architecture

image6

Cloud vs. On-premise

Benefits of Cloud

•Completely removes sensitive data from ecosystem

•Reduces complexity for companies with flat networks

•Supports burst peak times with horizontal and vertical scalability.


Cloud Saves Money

•Provides data security at a lower cost than buying or building in-house solution

•Reduces hardware, maintenance & personal costs

Volume-Based Pricing; no transactional, maintenance, or support fees.