Does EMV use tokenization?

by: Bill Prichard

As part of CO-OP’s “Innovation in Payments” webinar held November 18, Caroline Willard, EVP, Markets and Strategy, and Michelle Thornton, Manager, Core Products, fielded questions about the latest security technology. What did credit unions want to know?

Q: Is it true that if you hover over an EMV card or an iPhone using Apple Pay, you can capture the data on it? 

A: One important thing to remember is that both of these technologies use cryptograms to secure data. So the data that someone might capture as part of an EMV or Apple Pay transaction isn’t repurposeable.

In Apple Pay, the token that is on a particular phone for Apple Pay is specific to that phone: That phone has identifying data. So if a token were used from any other device, it wouldn’t work because the cryptogram wouldn’t have the identifying information from the correct phone.

On the EMV side, there are transaction counters that would show that a new transaction wasn’t valid because the number and cryptogram were already seen in a previous transaction.

Q: Does EMV use tokenization?

continue reading »