What is tokenization and why is it important?
Tokenization is the process of substituting sensitive data with unique identification symbols that retain all the essential information about the data without compromising its security. Tokenization seeks to minimize the amount of data that a company needs to keep on record. . In doing so, it has become a popular way for small and medium sized businesses to bolster the security of credit card and e-commerce transactions whilst minimizing the cost and complexity of compliance with industry standards and government regulations. According to industry experts, data tokenization is a form of data masking which replaces sensitive data with a different value, called a token. The token has no value, and there should be no way to trace it back from the token to the original data. When data is tokenized, the originalsensitive data is kept secure in a centralized location thereby preventing potential data security risks..
The importance of Tokenization
Tokenization is important because it helps remove sensitive data such as personal information, payments, and confidential information from a business system. The dataset is replaced with an unreadable token whilst the original one is kept in a secure cloud environment that is separated from the business system.
It can also be applied in banking because it helps to protect the cardholder’s details. For example, when a payment is processed using a token, the tokenization system can replace the token with a matching primary account number (PAN). Then, tokenization gets sent to the payment processor for authorisation which ensures that the PAN will neither be retained nor recorded but rather the generated token.
For example, it can be applied in financial services as it helps protect the cardholder’s data. When a business processes a payment using a token, the tokenization system can switch the token with a matching primary account number (PAN).
In addition, cloud tokenization systems can also help prevent exposure to sensitive data. as it prevents fraudsters from recording usable information. Although tokenization is not aimed at stopping fraudsters’ information systems, it offers numerous security and compliance advantages and is becoming an increasingly popular way to protect data, especially in an uncertain economic climate.
The gap in the POPIA that allows spam calls
Despite the important regulatory changes made in recent years, spam calls constantly keep coming through.
South Africans should be aware that the Protection of Personal Information Act (POPIA) does not protect anyone against telemarketers contacting you unless you instruct them to stop.
“Section 69 of the POPIA deals with processing your personal information without your consent. You must consent to direct marketing using any form of electronic communication. This section makes mention of automatic calling machines, a machine that can make automated calls without any human intervention e.g. fax, SMS’s and e-mails”.
This section does not explicitly include phone marketing in its definition of unsolicited electronic communication. A telephone is not an electronic communications device. Therefore telemarketers may call you and ask for consent to the call and the sales pitch. If you object, they may not contact you again. Should they continue to call without your consent, this means that they are breaching the provisions of section 69 of the POPIA.
Essentially you could open a harassment case, thanks to the Regulation of Interception of Communications Act (RICA), the police have access to every cell phone user’s details and can use this information to track down the perpetrator. Once they do this, they will contact you and ask how you wish to proceed.
