TokenEx has designed and implemented a very secure model for authorizing access and granting permissions to the TokenEx platform, based on a multi-factor authorization model. Each TokenEx client has a unique identifier for accessing their vaults. Clients can assign granular access control to each method through unique API keys. An IP whitelist strictly limits access to vaults only from specific IP addresses that your organization designates and controls.
By employing this authorization security model, TokenEx provides very granular controls for access to the platform and limits access to the specific methods that handle sensitive data within the platform. This authorization model can be reviewed by your ISA or QSA to validate scope within your own PCI environments.
Security Controls Due Diligence
TokenEx regularly performs due diligence on the security controls we have in place. Due diligence of these controls includes, but is not limited to:
- Network Penetration Testing
- Dynamic & Static Application Security Testing
- Wireless Penetration Testing and Assessment
- Network Vulnerability Scanning
- Device Configuration Reviews
- Access Control Reviews
- Log Reviews
With your sensitive business and customer data stored in our data centers, TokenEx strives to ensure it is available at all times, even after an unforeseen disaster. TokenEx has designed and built an infrastructure that supports this goal, so that in the event of a data center disaster, a secondary distant data center is instantly available to manage transactions. We test our disaster recovery capabilities on a regular basis.
The TokenEx architecture is designed to be highly available and reliable. TokenEx Cloud Security Platform is co-located in multiple data centers in the United States and Europe. Our tokenization and data vault services in the data centers meet at least Tier 2 status and are audited annually by an independent third party. TokenEx maintains ownership and full operational control of all systems within the data centers. Within each data center, TokenEx is fully redundant. In addition, TokenEx continuously syncs data across data centers to ensure the highest standards of availability. We store encrypted backups of data vaults with an independent service provider.
TokenEx is transparent about service uptime. We provide our previous 3 months of uptime using an independent 3rd party service provider. These statistics are available on our TokenEx Client Portal.