Products and services from Thales e-Security can help you implement effective, high assurance tokenization solutions to protect customer information, reduce scope, and contain the cost of compliance. nShield HSMs  are independently certified to meet FIPS and Common Criteria standards and are approved for other approaches that can reduce scope such as Point-to-Point Encryption under PCI DSS guidelines.

Using HSMs, organizations can protect token stores and the tokenization process and increase the performance of token generation. nShield HSMs create a trusted environment where tokens can be generated, stored, and managed and tokenization/de-tokenization performed safely and securely.

This trusted layer overcomes the fact that a purely software-based environment in which applications typically execute is not, in itself, sufficiently trusted to meet the needs of a tokenization system.

Whether you tokenize account data using your own in-house developed software, a third-party commercial tokenization product, or a shared service, nShield HSMs can play an important role.

These devices are already certified to integrate with many leading tokenization products, assuring you of fast deployments and seamless integration with your existing systems.


  • Deploy high assurance tokenization solutions to protect account data and reduce compliance costs.
  • Utilize industry best practices recommended by auditors and PCI DSS guidelines to protect the integrity of tokenization systems.
  • Accelerate deployments; nShield HSMs are pre-qualified to integrate with products from leading vendors.
  • Take advantage of purpose-built cryptographic offload capabilities to accelerate the generation of tokens, particularly in situations where token values are cryptographically related to the source data.
  • Take advantage of a choice of performance ratings and HSM form factor options; deploy exactly what you need and only what you need, and upgrade easily as your needs change.