The PCI Security Standards Council issues new guidance on the use of tokenization. The new guidance addresses the need for risk analysis, before, during and after tokenization is implemented. The guidance isn’t meant to replace compliance demands for existing data security standards, says Bob Russo. Russo: A properly implemented tokenization solution can reduce or remove need for the merchant to retain the PAN in their environment once the initial transaction has been processed. Russo has more than 25 years of high-tech business management, operations and security experience.”]
Source: https://www.govinfosecurity.com/tokenization-pci-guidance-a-3986