The purpose of tokenization is to swap out sensitive data (typically payment card or bank account numbers) for a randomized number in the same format, but with no intrinsic value of its own. This differs from encryption (here, Format Preserving Encryption), where a number is mathematically changed, but its original pattern is still “locked” within the new code. Encrypted numbers can be decrypted with the appropriate key, whether it is recovered through brute computing force or hacked or stolen.
Tokens, on the other hand, cannot be decrypted because there is no mathematical relationship between the token and its original number. De-tokenization is, of course, the reverse process, in which the token is swapped (but not decrypted) for the original number. De-tokenization can only be done by the original tokenization system. There is no other way to obtain the original number from just the token. Tokens can be single-use (a one-time debit card transaction), in which case they are not retained, or multi-use (a credit card number of a repeat customer), in which case they are stored in a database for recurring transactions.
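The behaviour described above, as an added example that is not from the original page: a small token vault in Python showing same-format random tokens, de-tokenization by lookup, and the single-use versus multi-use distinction. The names `TokenVault`, `tokenize`, `detokenize` and `SAMPLE_PAN` are hypothetical, the card number is a constructed sample, and the in-memory dictionaries stand in for the tokenization system's protected database.

```python
import secrets

SAMPLE_PAN = "4111 1111 1111 1111"  # constructed sample value, not real card data


class TokenVault:
    """Hypothetical in-memory tokenization system (illustration only)."""

    def __init__(self):
        self._by_token = {}  # token -> (original number, multi_use flag)
        self._by_pan = {}    # original number -> token, multi-use tokens only

    @staticmethod
    def _random_like(pan):
        # Same format: every digit becomes a random digit, separators stay put.
        # The result is drawn from a CSPRNG, not computed from the input digits.
        return "".join(secrets.choice("0123456789") if c.isdigit() else c
                       for c in pan)

    def tokenize(self, pan, multi_use=False):
        if not any(c.isdigit() for c in pan):
            raise ValueError("nothing to tokenize: input contains no digits")
        if multi_use and pan in self._by_pan:
            return self._by_pan[pan]  # repeat customer: reuse the stored token
        while True:
            token = self._random_like(pan)
            # Retry on a collision with a live token or with the input itself.
            if token != pan and token not in self._by_token:
                break
        self._by_token[token] = (pan, multi_use)
        if multi_use:
            self._by_pan[pan] = token
        return token

    def detokenize(self, token):
        # A lookup, not a decryption: without this vault's table there is
        # nothing to compute the original number from.
        if token not in self._by_token:
            raise KeyError("unknown or already-consumed token")
        pan, multi_use = self._by_token[token]
        if not multi_use:
            del self._by_token[token]  # single-use tokens are not retained
        return pan


if __name__ == "__main__":
    vault = TokenVault()
    once = vault.tokenize(SAMPLE_PAN)
    print(once, "->", vault.detokenize(once))
```

A second `TokenVault` instance cannot resolve a token issued by the first, which is the code-level form of "de-tokenization can only be done by the original tokenization system".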