Secure customers’ card data with CardVault tokenization

Your company’s network and hard drives are magnets for criminals trying to steal personally identi able information, medical records and credit card numbers. Today’s rash of data breaches proves cyberthieves are both highly motivated and sophisticated, and companies large and small are at risk.

Your company reputation is at stake. On average, the total cost of a data breach is $6.5 million in the U.S.1 — and there’s more than just sales and revenue to factor. There are lawsuits, damage to your brand, customer flight, nes for not complying with the Payment Card Industry Data Security Standard (PCI-DSS) — and a cost to bring your systems into compliance on top of that. Conforming to PCI requirements and federal privacy laws can be di cult and expensive since you must secure every data touch point.

PPS presents CardVault® from 3Delta Systems providing an innovative and proven data tokenization solution that minimizes your risk by removing sensitive card data from your environment. CardVault is available with a variety of payment processing options or as a stand-alone offering.


With tokenization, instead of using sensitive customer data like credit card numbers, you use substitute values, or tokens. Initially, cardholder data is submitted to CardVault in 3DSI’s secure payment processing network, where it is encrypted and stored in a secure PCI-certified environment. Your company is given the token to store in place of the card number. When you send a transaction, you use the token — just like processing any other transaction, but without the risk of transmitting card data.

Using tokens does not change the payment processing experience. With 3DSI’s through-processing, CardVault tokens can be used for sales, refunds, voids and credits. And the tokens are useless to criminals if your company’s system is compromised.

CardVault’s robust security has been the choice of e-commerce retailers, B2B and B2G companies since 2003. It supports Level-3 transactions to help B2B clients realize lower interchange rates on those transactions.

3DSI also gives you maximum flexibility and protection to help guard against fraud. You can define access controls, user restrictions and transaction processing thresholds to identify and block unusual behavior. Your account administrator may apply the restrictions universally or to individual users, depending on management levels and job functions within your organization. 3DSI’s fraud- fighting transaction verification and authentication tools empower you to run your business with confidence and give you the ability to avoid costs associated with high-risk transactions.

And CardVault can be paired with point-to-point encryption for added security from swipe or keypad entry to authorization. 3DSI’s PCI-certified P2PE solutions completely remove cardholder data from card-present and call center environments, minimizing your PCI scope.


Enhanced security and reduced risk

  • Accept and process card payments without storing card data on internal systems.
  • Store PCI-protected card information at 3DSI’s PCI-DSS-certi ed environment.
  • Integrate with P2PE swipe or keypad devices.

Several card-collection and interface options

  • Silent POST: Your customers enter data in a seamlessly integrated Web portal on your website, with sensitive card data delivered directly to 3DSI — never entering your system.
  • Hosted Page: Your customers enter data on a 3DSI-hosted Web page, preventing sensitive data from ever entering your system.
  • Web Services: System-to-system communication exchanging cardholder data and tokens.
  • SAP/ERP-integrated module: CardVault’s power, accessed directly in your ERP system

Flexible implementation

  • Securely transfer legacy card data to 3DSI for tokenization, then purge it from your system.
  • Let 3DSI assign tokens or assign them yourself. Format-emulating options are available.
  • Process server-to-server transactions in real time or in le-based batch.
  • Update, add or delete cardholder records in real time.

Works with existing technology

  • Use your host system with CardVault’s platform- neutral design.
  • Integrate with enterprise accounting and back- o ce solutions such as SAP, JD Edwards, Oracle, Microsoft and more.
  • No distributed software required.

Risk-free customer convenience

  • E-commerce applications allow customers to manage pro les without storing card data on the host system.
  • No data re-entry for customers. Account information is stored for subsequent transactions.
  • Update any saved field, including cardholder name and expiration date, without retrieving card information.

Supports all commerce — B2B, B2G, and B2C

Stores and processes all major card brands

  • Visa, MasterCard, Discover, JCB, American Express, Diner’s Club

Multiple payment channels

  • Internet/e-commerce.
  • Mail order/telephone order/call center.
  • Enterprise accounting systems, including SAP integration.

How it works

1. Enter transaction info and card data in your ERP (or order entry system or Web commerce site).

2. Your ERP sends transaction info and card data to 3DSI.

3. We send transaction info and card data to the card network for processing. We store and tokenize the card data.

4. Card network provides us with the transaction result.

5. We send the transaction result and token to your ERP.

6. ERP updates the order with the transaction result and updates the customer pro le with the token.