How to Migrate Tokens When Switching Token Service Providers (TSPs)
A Token Service Provider (TSP) manages the tokenization of sensitive data. Tokenization removes the original data, and risk, from business systems while preserving the data’s analytical capabilities. TSPs provide companies with autonomy and flexibility for their data. Tokenization enables both vendor selection and data functionality while also reducing risk and scope for compliance.
Not every tokenization solution, or TSP, will be right for your company. Maybe your company has tried to handle tokenization on-premises and is ready to reduce the risk and cost associated with the effort. Maybe you’re looking for a more flexible or scalable TSP partnership and are ready to change token service providers. How do you retrieve your tokenized data and migrate from one TSP to another?
Any good TSP you are migrating from, or to, will help you with this process. However, it’s helpful to know what the process will look like, so you can prepare for, and hopefully reduce, any disruptions. Migrating sensitive data is never an easy task and should be carried out as simply and securely as possible.
Migrating Third-Party Tokens
If you have tokens with a third party, those tokens cannot simply be transferred and used by your new TSP. The tokenization process is such that tokens are undecipherable, and cannot be restored to their original state, only exchanged for the original data. This doesn’t mean the third-party tokens are useless; in fact, they will be quite important to update your internal processes.
To migrate to a new TSP, you will need the original data and third-party tokens. If you cannot retrieve your third-party tokens, there are still ways to integrate with a new TSP, but it won’t be a particularly quick or easy process. If you use network tokens, you will also need the network tokens and the TRID as well, but more on that in the next section.
If you’re moving to a new TSP, any data that has been tokenized by the third party will need to be retokenized and integrated into your existing systems. To do this, you will need both the original data and the third-party token.
An Example
To see how a migration might work, let’s look at an example of a business that has used a TSP to create and manage tokens for their customer’s PANs (Primary Account Numbers). They use these tokens to keep track of customer profiles and track their purchases. They’re looking to migrate from TSP A to TSP B.
The business will request a conversion of TSP A’s tokens and customer PANs into new TSP B tokens. TSP B will tokenize the original PANs as B tokens. The new TSP will also then populate a file mapping the A tokens to the B tokens. The business can then update internal applications by replacing all instances of A tokens with the B tokens using the file provided by the new TSP.
Without the A tokens, there is no way to link the new tokens to the customer profiles created by the business. The business would then have to rebuild those reports from the ground up, losing valuable insights and creating significant work.
Migrating Third-Party Tokens and Network Tokens
Network tokens, unlike third-party tokens, can be seamlessly transitioned between TSPs. Network tokens are issued by card networks, not the token service provider. TSPs are the middleman between card networks and businesses, managing network tokens on behalf of a business. Even if the TSP has been the one “generating” network tokens, they can easily be transferred to a new TSP.
What the new TSP will need, alongside the existing network tokens, is the business’s TRIDs (Token Requestor IDs). This identifier is used to request network tokens from card networks. Your business will have a TRID for every card network that you request network tokens from (Mastercard, Visa, etc.). Your new TSP will need these TRIDs to continue requesting network tokens on your behalf.
There are many reasons your company may want to change token service providers and convert tokens. Your current TSP may be too expensive, may suffer from extensive downtime, or may not offer a customized solution that fits your business’s unique needs. Whatever the reason, a TSP migration can be complex, almost as complex as implementing a tokenization solution in the first place.
However, if your current TSP doesn’t work for your needs, it is a worthwhile effort to change your system now. TSP migrations will only get more difficult as a business scales, and missing out on the advantages of a flexible tokenization solution will only cost more in the long run.