Outbound Batch Detokenization

July 3, 2019

Outbound Batch Detokenization

The telemarketing firm uploads encrypted batch files (OpenPGP public/private key encryption) containing donor information and the AuricVault® token to an Auric-managed, PCI-compliant SFTP server. The batch files have different layouts for each client and are delivered in .csv, fixed-field, tab, and .xls/.xlsx formats.

The custom Auric service:

  • transfers each batch to a secure processing server.
  • decrypts the batch file.
  • scans each batch file and convert AuricVault® tokens into credit card numbers.
  • Uses OpenPGP to encrypt the resulting file with the client’s public encryption key.
  • uploads the encrypted file to the SFTP service for client pickup.

Outbound Data Flow

Outbound batch detokenization dataflow.

Outbound batch data flow.

  1. The telemarketer uploads GPG encrypted files with tokenized data to Auric’s PCI secure SFTP server.
  2. The encrypted files are securely transferred to the Auric Batch De-tokenizer server.
  3. A batch process decrypts then scans each file to extract an AuricVault® token. The batch de-tokenizer scans extracts tokens from each file, sends the tokens to the AuricVault® service, and
  4. receives back the original data.

The batch process then:

  • Replaces the AuricVault® token with the original cardholder account number.
  • GPG encrypts the final batch file.
  • Uses SFTP to upload the batch file to each company’s account.

Security

The custom Auric Batch Detokenization service, along with the custom Inbound Edge Tokenization service completely removed the credit card data from the telemarketer’s data flow.

Auric also:

  • introduced OpenPGP public/private key encryption into the data flow.
  • migrated the incoming SOAP HTTPS connection to the latest HTTPS protocol (TLSv1.2) before the telemarketer upgraded their services.

Have Questions?

Contact Us

1,000 character limit.

By submitting your name, email address, phone number, and message, you are permitting us to contact you by these means in response to your inquiry or feedback. You also acknowledge that you have read our Privacy Statement and that you consent to our processing data in accordance with it.