Tokenization explained

Tokenization is a process that connects the ownership or rights of physical or virtual asset into digital tokens that each token holds a particular unit of value to the original entity. The token maybe representative of a contractual right, smart contract or other form of asset. There's no limitation on what can be tokenized, almost any measurable things in society or nature. But most commonly among things around our life, commerce and economy, such as security, utility, identity and it even allows for the creation of a national currency on top of Bitcoin. Tokens can be issued, verified, traded and tracked on Bitcoin network.

Background

The idea of tokenizing high-value data or financial instruments is far from a new concept, though the modern form of data tokenization didn’t take hold until recently. Ancient currency systems used to replace valuable assets with coin tokens, and – more recently – systems like subway tokens and poker chips have used placeholder techniques to lower risk and increase efficiency.

Beginning in 1976, surrogate key values were used in data processing to isolate data linked to internal mechanisms of databases and their counterparts on the outside. These same isolation techniques have been extended since then, with the modern form of tokenization being the result.

Commercial transactions may involve the transfer of property rights. Such rights may include real property, or personal property (tangible or intangible). Furthermore, contracts between parties may also include contractual rights that bind both parties. In the digital economy, there may be an expectation for transactions to be performed in a timely manner and across vast distances. This expectation, along with practical limitations, mean that traditional forms of transferring property, such as physical delivery of hardcopy of documents representing a contract, negotiable instrument, etc. or the tangible property itself is not desirable.

Mechanism

The transfer of a token can be encoded into a transaction, which includes at least one input and one output, between participants in the blockchain system. Scripts programs can be embedded into their inputs and outputs of the transactions, which specify how and by whom the outputs of the transactions can be accessed. After a transaction has been made, network nodes (miners) perform proof of work to validate it on an unspent transaction (UTXO) by executing its locking and unlocking scripts. If execution of the locking and unlocking scripts evaluate to TRUE, the transaction is valid and the transaction is written to the blockchain.

Benefits of Tokenization

When a business – whether it’s a merchant or service provider – implements tokenization as part of its data security program, they enjoy a number of benefits:

Minimizing Contact: Tokenization works so that the original payment card information stays safely vaulted in your own data environment, with other parties only receiving the tokens. The real, original sensitive data remains in a secure cloud vault.

Reduced Data Breach Risk: While tokenization systems don’t 100% guarantee the prevention of data breaches, they minimize breach risk by desensitizing the original data with a token while it’s at rest – making it so that there’s nothing of actual value that can be stolen when a security breach happens.

Irreversibility: Unlike data encryption technology, in which encrypted data can be “solved” with a powerful enough computer or a stolen decryption key, tokenized material can only be revealed by end-users that are part of the original tokenization platform – such as the payment processor.

Flexibility: Tokenization works in multiple ways. It can generate both single-use tokens, like for one-off purchases using a credit card, or multi-use tokens, like when customer credit card numbers are stored to enable faster e-commerce checkout experiences for future purchases.

Easier Compliance: Because tokenization reduces how much of your company’s data environment contains material relevant to privacy regulations, achieving compliance certifications is easier, however, there still substantial responsibility and liability that you must shoulder. Other alternatives, such as the VGS Platform, descope your business from PCI Compliance, shifting the liability to VGS while you retain the original usability.

Reference

Creating a Smart Contract Registry

Creating a Smart Contract Registry

What Is Tokenization And How Does It Influence PCI DSS Compliance?

What is tokenization? Get a quick, complete breakdown of how companies use tokenization to protect data like credit card numbers and account numbers, all while reducing their compliance scope and shrinking their sensitive data environments.

Very Good Security - BlogRobert Faba

http://patentimages.storage.googleapis.com/c3/36/52/827fc3bbe90e26/WO2017145004A1.pdf