Encryption & Tokenization

Learn more about tools that can help protect your customers and your business from debit and credit card data theft at the point of sale.

What are encryption and tokenization technologies?

Encryption and tokenization are two separate technologies, that when paired together, help protect your customers’ sensitive card data and minimize the data loss impact to your business from a hack or breach.


Encryption transforms plain text (such as a credit card number) into a non-readable form through the use of an algorithm. Ideally, payment card numbers are encrypted at the point in which they are captured through the magnetic stripe swipe, chip card insertion, or online entry. By default, M&T-provided card terminals and gateways provide built-in encryption tools.


Tokenization replaces sensitive card data with a randomly generated and unique surrogate value called a “token.” Tokens replace payment card numbers for storage in merchant systems and use in recurring transactions and other business functions. In the process, account numbers are removed from your payment environment to render stolen data useless to hackers.

Help protect your organization – and your customers – from card data theft.

M&T Bank Merchant Services® offers the dual protections of encryption and tokenization to help you:

  • Fight back against hackers and malicious software. Payment card numbers are scrambled during the transaction with the latest encryption technology. Afterward, card data is replaced with tokens, storing only non-sensitive information in your systems
  • Protect your brand and bottom line. Customers aren't the only ones who suffer when you face a data breach. Brand damage, loss of customer confidence, financial liability and litigation are all potential outcomes. By thwarting hackers, you're also helping protect a priceless asset: your reputation
  • Limit business disruptions. In most cases, encryption and tokenization are compatible with existing terminals. This feature often makes installation as easy as the flip of a switch
  • Cover most transaction types. Card present, card not present, e-commerce, virtual terminals – encryption and tokenization reduce nearly all transaction types
  • Limit your PCI-DSS Scope. By removing cardholder data from your payment environment, encryption and tokenization reduce your responsibilities for Payment Card Industry Data Security Standard (PCI-DSS) compliance, the card industry standard for payment data security

There's too much at stake to leave yourself and your customers exposed. Contact us today to see if encryption and tokenization technology can help your business.

M&T Bank Merchant Services® are available subject to completion of a Merchant Services application and credit approval. Merchant Services are provided subject to the terms and conditions of M&T Bank's Merchant Services Agreement. Availability of funds is subject to M&T Bank's Funds Availability Policy. Additional terms and conditions apply.
Unless otherwise specified, all advertised offers and terms and conditions of accounts and services are subject to change at any time without notice. After an account is opened or service begins, it is subject to its features, conditions and terms, which are subject to change at any time in accordance with applicable laws and agreements. Please contact an M&T representative for details.