Requirement 2: Do not use vendor-supplied defaults for system passwords and other security parameters
- TokenEx does not provide default credentials.
- All data vaults and API methods can be configured with unique access keys.
Requirement 3: Protect stored cardholder data
- TokenEx fully manages and secures all vaulted data.
- TokenEx uses the latest in encryption and hardware security modules to protect vaulted data.
- Encryption algorithms used include RSA, AES, 3DES, and DUKPT.
Requirement 4: Encrypt transmission of cardholder data across open, public networks
- TokenEx uses TLS and SFTP protocols exclusively for transmission of cardholder data.
- TokenEx cannot accept unprotected data.
Requirement 7: Restrict access to cardholder data by business need to know
- TokenEx provides API access on a per-method basis as well as IP whitelisting.
- TokenEx allows clients to separate tokenization and detokenization access controls to ensure only authorized staff with a need to know have access to the data vaults.
Requirement 9: Restrict physical access to cardholder data
- By removing cardholder data from your environment, physical security compliance becomes a breeze.
- TokenEx uses top-tier data centers with SAS70, PCI, and SSAE SOC2 certifications.
Requirement 10: Track and monitor all access to network resources and cardholder data
- TokenEx provides robust logging and usage capabilities to track all access into and out of your data vaults.