Requirement 2: Do not use vendor-supplied defaults for system passwords and other security parameters
- TokenEx does not provide default credentials.
- All data vaults and API methods can be configured with unique access keys.
Requirement 3: Protect stored cardholder data
- TokenEx fully manages and secures all vaulted data.
- TokenEx uses the latest in encryption and hardware security modules to protect vaulted data.
- Encryption algorithms used include RSA, AES, 3DES, and DUKPT.
Requirement 4: Encrypt transmission of cardholder data across open, public networks
- TokenEx uses TLS and SFTP protocols exclusively for transmission of cardholder data.
- TokenEx cannot accept unprotected data.
Requirement 7: Restrict access to cardholder data by business need to know
- TokenEx provides API access on a per-method basis, as well as IP whitelisting.
- TokenEx allows clients to separate tokenization and detokenization access controls to ensure only authorized systems with a need to know have access to the data vaults.
Requirement 9: Restrict physical access to cardholder data
- By removing cardholder data from your environment, physical security compliance becomes a breeze.
- TokenEx uses top-tier data centers with ISO 27001, HITRUST, PCI, and SSAE SOC 1, SOC 2, and SOC 3 certifications.
Requirement 10: Track and monitor all access to network resources and cardholder data
- TokenEx provides robust logging and usage capabilities to track all access into and out of your data vaults.