Tokenization is a security measure used in payment processing to protect sensitive data. It involves replacing a cardholder’s primary account number (PAN) with a unique, randomly generated sequence of numbers, known as a token.

The token can be used to process payments without exposing the actual card details, reducing the risk of data breaches and fraud. For example, when a customer saves their card details on an e-commerce site for future purchases, the site will store the token instead of the actual card number.

The actual card details are stored in a secure, centralized token vault managed by the payment processor or a third-party tokenization service. When a transaction is initiated, the token is sent to the token vault for de-tokenization, where it is replaced with the actual card details for processing.

This process ensures that the card details are never exposed during the transaction, and even if a hacker intercepts the token, it would be meaningless without access to the centralized token vault.