We’re Giving Away Tokenization for Free. Here’s What You Need to Know.

June 5, 2020
Free tokenization

2020 has been a year like no other. In response to these unprecedented times, companies are needing help from wherever they can get it as they try to restart. This is why Very Good Security is announcing a special free tokenization solution offer.

Now through the end of the year, VGS will provide our powerful tokenization solution at no cost, so that businesses don’t have to choose between data security and keeping the lights on. Any business new to VGS can take advantage of this offer that includes an unlimited number of stored records.

We’ve heard from a number of customers the challenges with keeping their businesses going and the struggle with affording the critical basics such as data security. In response to this, we are providing a free tokenization solution for businesses that need some help. With the mission to protect the world’s information, we have built best-in-class data security, compliance (e.g., PCI DSS), and privacy solutions that innovative businesses are using all over the world.

When society's eyes are focused on the pandemic, certain offenders are trying to leverage this new environment and hack data. Just this month, the New York Times reported that hackers accessed the details of 9 million EasyJet customers, which included credit card data of 2,200 individuals. This is the most dreaded nightmare for any business and consumer. Dealing with a data breach on top of trying to keep your business going could be something not every company could survive.

Yet, according to ZDNET, the National Cyber Security Centre (NCSC) is warning that criminals are looking to exploit the spread of coronavirus to conduct cyberattacks and hacking campaigns. Businesses of all sizes are targets, with three out of five firms reporting an attack in 2019, according to the 2019 Hiscock Cyber Readiness Report. Though large companies are the most likely to be victims of cyberattacks, 47% of small companies reported an incident, and 63% of midsize companies reported attacks, the report found (The Need for Compliance in a Post-COVID-19 World). The need to protect customers and sensitive data is even more pressing now.

Again, this is why VGS is offering our free tokenization solution for businesses until January - to help ensure that organizations aren’t victimized by cyberattacks during such a vulnerable period of time. Simply go to verygoodsecurity.com and click the sign-up button to create a free account. You can also visit our Tokenization API page to learn more about VGS’s tokenization solutions.

What is Tokenization?

Tokenization is the process of replacing sensitive data with non-sensitive surrogates, called tokens. The surrogates are randomly generated into data of the same format and have no intrinsic value. So, if a hacker is able to gain access to the tokenized data, the data would be completely unusable gibberish. You can’t hack what isn’t there.

If you want to learn more about tokens and the history of tokenization, read What is Tokenization? Here’s Everything You Need to Know

Tokenization vs Encryption

Before tokenization, encryption had been a preferred method for securing sensitive data. Encryption is the process of transforming sensitive data into a complex, unreadable format that can only be deciphered with a secret key. Decryption is the reverse process and only users who possess the decryption key are able to “crack” the complicated equation.

The biggest, most important difference between tokenization and encryption is that only encryption is reversible and tokenization is irreversible. Because an algorithm is used to secure the data encryption, if the key isn’t strong enough or a malicious actor’s computer is sufficiently powerful to solve the algorithm the encryption can be decoded. In addition, encrypted sensitive data leaves the organization, while tokenized data stays put in its secure vault and only the non-sensitive placeholder tokens are transferred elsewhere.

What If You Need PCI DSS Compliance?

VGS Token provides powerful protection for sensitive data that’s at rest, but no single tokenization solution – regardless of which tokenization provider you use – can secure data that’s in transit. Just using a tokenization solution, instead of an all-in-one platform, means that you retain quite a bit of the data security and PCI Compliance responsibility. Tokenization reduces how much of your organization is within compliance scope, but much of the compliance onus is still on your business.

If you're looking for a complete solution for data security and PCI DSS compliance that covers both data at rest and data in transit, then you need more than standard tokenization - you need to use an end-to-end solution like the VGS Platform, which goes much further than a typical tokenization solution.

Using aliases (a more advanced type of token) and proxies, the VGS Platform provides the only end-to-end compliance solution that shifts the burden and risk from your business to VGS.

To understand how useful the VGS Platform is, it might be helpful to review PCI DSS (Payment Card Industry Data Security Standard). It’s a worldwide standard for the secure handling of payment card data, first crafted by the major payment card industry brands in order to help prevent payment card fraud and protect cardholder data. Compliance is achieved after businesses verifiably fulfill all PCI DSS requirements, which is obligatory for all entities that handle consumer PCI data.

Tokenization solutions, like VGS Token, can be a valuable part of your data security posture and PCI Compliance program. Tokenization is able to secure data at rest, but it does not secure sensitive data in transit - like when credit card data is being collected and exchanged.

However, if you are looking for an end-to-end solution that shifts the burden and liability away from your organization, then you should be considering the VGS platform. Our standard solution uses a Zero Data approach, where the sensitive information never touches your data environment and thus descopes your business from PCI. You get all the usability without the liability or burden.

With VGS’ Zero Data Platform, you get:

  • End-to-end, always-on compliance for PCI DSS Level 1, PCI DSS Level 2, SOC2, and more

  • Full liability shift and insurance against data breaches

  • The ability to freely send data to any endpoint

  • Easy implementation with no code changes needed

How to Take Advantage of Our Free Tokenization Offer

Data security and compliance are hard enough to manage without the new economic headwinds businesses are grappling with today. Businesses need help making it through to the end of this crisis, and that’s why VGS is making our Tokenization API free for all new customers for the rest of 2020. You can get started with tokenizing your sensitive data today, so head on over to verygoodsecurity.com and sign up.

Pete LaFond Pete LaFond


You Might also be interested in...

remote work

Work From Home: Life Hacks From Very Good Security

Alexander Diatlov June 12, 2020


The True Cost of PCI Compliance: Where Can Small Businesses Save?

Stefan Slattery June 1, 2020


What Is Tokenization And How Does It Influence PCI DSS Compliance?

Stefan Slattery May 28, 2020