A token is a bit string used to represent an original bit string that carries sensitive data. The original bit string can be presented to an authorized user as, e.g., a string of decimal numerals or letters, and the sensitive data can take the form of, e.g., a credit card number, a social security number, etc.
A token can protect sensitive data like a credit card number because a token is meaningless to someone not authorized to access the sensitive data it represents. The record of the mapping between a token and the data it protects is kept on a secure system known as a tokenization server. For example, a merchant accepting a credit card for payment does not wish to keep the credit card number stored on a local, unsecured system from which an unauthorized party may access the credit card number. Rather, the merchant sends the credit card number to a secure system, which assigns a token to the credit card number, stores the credit card number and its token in a database for future lookup, and sends the token to the merchant. This way, the merchant can track consumer behavior without using sensitive data.
For an authorized party to access the sensitive data stored on the secure system, the authorized party may have to present identifying information, e.g., a username/password combination, to an access control manager. In this case, the secure system receives a request for the sensitive data corresponding to a token from an authorized party whose credentials have been established by the access control manager. The secure system then, e.g., performs a lookup on the token, retrieves the sensitive information, and sends the sensitive information to the authorized user.
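The flow described above (tokenize, store the mapping, look up for an authorized party) is sketched below as an added example that is not part of the original text. The names `TokenVault`, `tokenize`, `detokenize` and the principals are hypothetical; the random token format and the reduction of the access control manager to a set of already-authenticated principals are assumptions.

```python
import secrets


class TokenVault:
    """In-memory stand-in for the tokenization server (hypothetical names)."""

    def __init__(self, authorized_principals):
        # Assumption: the access control manager has already established
        # these principals' credentials; here it is reduced to a set of names.
        self._authorized = set(authorized_principals)
        self._token_to_value = {}
        self._value_to_token = {}

    def tokenize(self, value: str) -> str:
        # Return the existing token for a known value, so the merchant can
        # correlate repeat purchases without holding the card number.
        if value in self._value_to_token:
            return self._value_to_token[value]
        # Assumption: the token is random, so it has no mathematical
        # relation to the value and is meaningless outside the vault.
        token = secrets.token_hex(16)
        while token in self._token_to_value:
            token = secrets.token_hex(16)
        self._token_to_value[token] = value
        self._value_to_token[value] = token
        return token

    def detokenize(self, token: str, principal: str) -> str:
        # The lookup is only performed for an authorized party.
        if principal not in self._authorized:
            raise PermissionError(f"{principal!r} may not detokenize")
        if token not in self._token_to_value:
            raise LookupError("unknown token")
        return self._token_to_value[token]


def demo():
    vault = TokenVault(authorized_principals={"billing-service"})
    card = "4111111111111111"  # constructed test card number
    token = vault.tokenize(card)
    # The merchant's local record holds only the token.
    merchant_record = {"customer": "c-1001", "card_token": token}
    recovered = vault.detokenize(merchant_record["card_token"], "billing-service")
    try:
        vault.detokenize(token, "merchant-web")
        denied = False
    except PermissionError:
        denied = True
    return card, token, recovered, denied
```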