{"id":3438,"date":"2020-11-22T11:16:00","date_gmt":"2020-11-22T11:16:00","guid":{"rendered":"http:\/\/10.24.225.70\/?p=3438"},"modified":"2026-04-09T13:16:26","modified_gmt":"2026-04-09T11:16:26","slug":"can-tokenization-reduce-pci-dss-audit-scope","status":"publish","type":"post","link":"https:\/\/complior.se\/en\/can-tokenization-reduce-pci-dss-audit-scope\/","title":{"rendered":"Can tokenization reduce PCI DSS audit scope?"},"content":{"rendered":"<div class=\"wp-block-uagb-container uagb-block-1c95cc62 alignfull uagb-is-root-container\"><div class=\"uagb-container-inner-blocks-wrap\">\n<div class=\"wp-block-group blockera-block blockera-block-627ud4 is-vertical is-layout-flex wp-container-core-group-is-layout-fe9cc265 wp-block-group-is-layout-flex\">\n<div class=\"wp-block-kadence-advancedbtn kb-buttons-wrap kb-btns3438_86fecf-a9\"><a class=\"kb-button kt-button button kb-btn3438_1cabaf-1c kt-btn-size-standard kt-btn-width-type-auto kb-btn-global-fill  kt-btn-has-text-true kt-btn-has-svg-true  wp-block-kadence-singlebtn\" href=\"https:\/\/complior.se\/en\/resources\/\"><span class=\"kb-svg-icon-wrap kb-svg-icon-fe_arrowLeft kt-btn-icon-side-left\"><svg viewbox=\"0 0 24 24\"  fill=\"none\" stroke=\"currentColor\" stroke-width=\"2\" stroke-linecap=\"round\" stroke-linejoin=\"round\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\"  aria-hidden=\"true\"><line x1=\"19\" y1=\"12\" x2=\"5\" y2=\"12\"\/><polyline points=\"12 19 5 12 12 5\"\/><\/svg><\/span><span class=\"kt-btn-inner-text\">Tillbaka till resurser<\/span><\/a><\/div>\n\n\n\n<span class=\"kt-adv-heading3438_466667-ac wp-block-kadence-advancedheading\" data-kb-block=\"kb-adv-heading3438_466667-ac\">Blog<\/span>\n\n\n\n<h1 class=\"kt-adv-heading3438_826de1-95 animated fadeIn wp-block-kadence-advancedheading\" data-kb-block=\"kb-adv-heading3438_826de1-95\">Can tokenization reduce PCI DSS audit scope?<\/h1>\n\n\n\n<div class=\"wp-block-group animated fadeIn is-nowrap is-layout-flex wp-container-core-group-is-layout-6c531013 wp-block-group-is-layout-flex\"><div class=\"publish-date-container\">\r\n\t<svg\r\n\t\twidth=\"16\"\r\n\t\theight=\"16\"\r\n\t\tviewbox=\"0 0 24 24\"\r\n\t\tfill=\"none\"\r\n\t\tstroke=\"#4b4b4b\"\r\n\t\tstroke-width=\"2\"\r\n\t\tstroke-linecap=\"round\"\r\n\t\tstroke-linejoin=\"round\"\r\n\t\txmlns=\"http:\/\/www.w3.org\/2000\/svg\"\r\n\t\taria-hidden=\"true\"\r\n\t>\r\n\t\t<rect x=\"3\" y=\"4\" width=\"18\" height=\"18\" rx=\"2\" ry=\"2\"><\/rect>\r\n\t\t<line x1=\"16\" y1=\"2\" x2=\"16\" y2=\"6\"><\/line>\r\n\t\t<line x1=\"8\" y1=\"2\" x2=\"8\" y2=\"6\"><\/line>\r\n\t\t<line x1=\"3\" y1=\"10\" x2=\"21\" y2=\"10\"><\/line>\r\n\t<\/svg>\r\n\t<span class=\"date-text\">\r\n\t\tNov 22, 2020\t<\/span>\r\n<\/div>\n\n\n<h1 class=\"kt-adv-heading3438_851e48-8f wp-block-kadence-advancedheading kt-adv-heading-has-icon animated fadeIn delay-100ms\" data-kb-block=\"kb-adv-heading3438_851e48-8f\"><span class=\"kb-svg-icon-wrap kb-adv-heading-icon kb-svg-icon-fe_clock kb-adv-heading-icon-side-left\"><svg viewbox=\"0 0 24 24\"  fill=\"none\" stroke=\"currentColor\" stroke-width=\"2\" stroke-linecap=\"round\" stroke-linejoin=\"round\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\"  aria-hidden=\"true\"><circle cx=\"12\" cy=\"12\" r=\"10\"\/><polyline points=\"12 6 12 12 16 14\"\/><\/svg><\/span><span class=\"kb-adv-text-inner\">2 min <\/span><\/h1><\/div>\n<\/div>\n\n\n\n<figure class=\"wp-block-kadence-image kb-image3438_c05386-4c size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"550\" src=\"https:\/\/complior.se\/wp-content\/uploads\/2020\/11\/Token-blog-03-1024x550.png\" alt=\"image of a data server and a credit card, in a cartoon style\" class=\"kb-img wp-image-51000\" srcset=\"https:\/\/complior.se\/wp-content\/uploads\/2020\/11\/Token-blog-03-1024x550.png 1024w, https:\/\/complior.se\/wp-content\/uploads\/2020\/11\/Token-blog-03-300x161.png 300w, https:\/\/complior.se\/wp-content\/uploads\/2020\/11\/Token-blog-03-768x413.png 768w, https:\/\/complior.se\/wp-content\/uploads\/2020\/11\/Token-blog-03-1536x825.png 1536w, https:\/\/complior.se\/wp-content\/uploads\/2020\/11\/Token-blog-03-2048x1100.png 2048w, https:\/\/complior.se\/wp-content\/uploads\/2020\/11\/Token-blog-03-18x10.png 18w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n<\/div><\/div>\n\n\n\n<div class=\"wp-block-uagb-container uagb-block-2eeb7bfc alignfull uagb-is-root-container\"><div class=\"uagb-container-inner-blocks-wrap\">\n<div class=\"wp-block-group blockera-block blockera-block-1qmig32 is-vertical is-layout-flex wp-container-core-group-is-layout-b2c973f4 wp-block-group-is-layout-flex\">\n<h2 class=\"kt-adv-heading3438_369058-04 wp-block-kadence-advancedheading\" data-kb-block=\"kb-adv-heading3438_369058-04\">Background<\/h2>\n\n\n\n<p class=\"kt-adv-heading3438_1d665a-c9 wp-block-kadence-advancedheading\" data-kb-block=\"kb-adv-heading3438_1d665a-c9\">In a not recent, but still valid Gartner report, Using Tokenization to Reduce PCI Compliance Requirements, it was found that large merchants with an average of 100,000 customer accounts potentially store cardholder data in 10\u201320 different locations in-house.<\/p>\n\n\n\n<p class=\"kt-adv-heading3438_69fd00-6b wp-block-kadence-advancedheading\" data-kb-block=\"kb-adv-heading3438_69fd00-6b\">Since the PCI standard mandates that every system in the Cardholder Data Environment (CDE) must be audited, this common scenario creates many potential vulnerabilities.<\/p>\n\n\n\n<p class=\"kt-adv-heading3438_45a5c1-4a wp-block-kadence-advancedheading\" data-kb-block=\"kb-adv-heading3438_45a5c1-4a\">A large number of storage locations increases the audit scope, which in turn requires more resources and time, resulting in higher costs.<\/p>\n<\/div>\n\n\n\n<div class=\"wp-block-group blockera-block blockera-block-1qmig32 is-vertical is-layout-flex wp-container-core-group-is-layout-b2c973f4 wp-block-group-is-layout-flex\">\n<h2 class=\"kt-adv-heading3438_c6f402-62 wp-block-kadence-advancedheading\" data-kb-block=\"kb-adv-heading3438_c6f402-62\">Can you reduce PCI scope?<\/h2>\n\n\n\n<p class=\"kt-adv-heading3438_7121fd-03 wp-block-kadence-advancedheading\" data-kb-block=\"kb-adv-heading3438_7121fd-03\">Many merchants ask if there is a way to entirely eliminate the existence of cardholder data from the merchant environment in order to reduce audit scope.<\/p>\n\n\n\n<p class=\"kt-adv-heading3438_8e0ed7-b8 wp-block-kadence-advancedheading\" data-kb-block=\"kb-adv-heading3438_8e0ed7-b8\">The answer is yes, and the solution is <a href=\"https:\/\/complior.se\/en\/tokenization\/\">tokenization<\/a>.<\/p>\n\n\n\n<figure class=\"wp-block-kadence-image kb-image3438_7d6da6-79 size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"484\" height=\"401\" src=\"https:\/\/complior.se\/wp-content\/uploads\/2023\/07\/Token-blog-01.png\" alt=\"\" class=\"kb-img wp-image-51002\" srcset=\"https:\/\/complior.se\/wp-content\/uploads\/2023\/07\/Token-blog-01.png 484w, https:\/\/complior.se\/wp-content\/uploads\/2023\/07\/Token-blog-01-300x249.png 300w, https:\/\/complior.se\/wp-content\/uploads\/2023\/07\/Token-blog-01-14x12.png 14w\" sizes=\"auto, (max-width: 484px) 100vw, 484px\" \/><\/figure>\n<\/div>\n\n\n\n<div class=\"wp-block-group blockera-block blockera-block-1qmig32 is-vertical is-layout-flex wp-container-core-group-is-layout-b2c973f4 wp-block-group-is-layout-flex\">\n<h2 class=\"kt-adv-heading3438_0a257b-d7 wp-block-kadence-advancedheading\" data-kb-block=\"kb-adv-heading3438_0a257b-d7\">What is tokenization?<\/h2>\n\n\n\n<p class=\"kt-adv-heading3438_813187-6f wp-block-kadence-advancedheading\" data-kb-block=\"kb-adv-heading3438_813187-6f\">Tokenization replaces cardholder data with an \u201calias\u201d, a separate randomly generated value called a token. The sensitive data is stored securely in a central token vault, while only token values are used and stored locally in applications and services. When needed, the process can be reversed through de-tokenization, where the token is translated back into the original data.<\/p>\n\n\n\n<p class=\"kt-adv-heading3438_4ddd7c-70 wp-block-kadence-advancedheading\" data-kb-block=\"kb-adv-heading3438_4ddd7c-70\">Tokenization can be implemented in different ways:<\/p>\n\n\n\n<ul style=\"font-size:clamp(14px, 0.875rem + ((1vw - 3.2px) * 0.227), 16px);font-style:normal;font-weight:500\" class=\"wp-block-list blockera-block blockera-block-m8knbu has-manrope-font-family\">\n<li>Through in-house applications applied to databases and sensitive data stores<\/li>\n\n\n\n<li>As a service (SaaS), where a cloud provider manages tokenization and storage<\/li>\n<\/ul>\n<\/div>\n\n\n\n<div class=\"wp-block-group blockera-block blockera-block-1wa044g is-vertical is-layout-flex wp-container-core-group-is-layout-b2c973f4 wp-block-group-is-layout-flex\">\n<h2 class=\"kt-adv-heading3438_67a30a-33 wp-block-kadence-advancedheading\" data-kb-block=\"kb-adv-heading3438_67a30a-33\">How does tokenization reduce audit scope?<\/h2>\n\n\n\n<p class=\"kt-adv-heading3438_50ba27-29 wp-block-kadence-advancedheading\" data-kb-block=\"kb-adv-heading3438_50ba27-29\">With a <a href=\"https:\/\/complior.se\/en\/tokenization\/\">tokenization solution<\/a> delivered via a SaaS model, cardholder data (CHD) never resides within the organization\u2019s environment. While encryption focuses on protecting stored data, tokenization goes one step further by removing the data entirely from internal systems. In simple terms, organizations do not need to protect what they do not store.<\/p>\n\n\n\n<p class=\"kt-adv-heading3438_606b20-c7 wp-block-kadence-advancedheading\" data-kb-block=\"kb-adv-heading3438_606b20-c7\">This significantly reduces:<\/p>\n\n\n\n<ul style=\"font-size:clamp(14px, 0.875rem + ((1vw - 3.2px) * 0.227), 16px);font-style:normal;font-weight:500\" class=\"wp-block-list blockera-block blockera-block-bpz9fz has-manrope-font-family\">\n<li>The amount of sensitive data in scope<\/li>\n\n\n\n<li>Infrastructure complexity<\/li>\n\n\n\n<li>The need for encryption key management<\/li>\n<\/ul>\n\n\n\n<p class=\"kt-adv-heading3438_621469-e1 wp-block-kadence-advancedheading\" data-kb-block=\"kb-adv-heading3438_621469-e1\">It is important to note that encryption without proper key management is ineffective \u2014 comparable to using a strong password but writing it down next to your device.<\/p>\n\n\n\n<p class=\"kt-adv-heading3438_aa65da-eb wp-block-kadence-advancedheading\" data-kb-block=\"kb-adv-heading3438_aa65da-eb\">PCI DSS places heavy emphasis on key management (especially in section 3), which can be complex and costly to implement.<\/p>\n<\/div>\n\n\n\n<div class=\"wp-block-group blockera-block blockera-block-1jxiu1q is-vertical is-layout-flex wp-container-core-group-is-layout-b2c973f4 wp-block-group-is-layout-flex\">\n<h2 class=\"kt-adv-heading3438_f32592-61 wp-block-kadence-advancedheading\" data-kb-block=\"kb-adv-heading3438_f32592-61\">Differences between tokenization and encryption<br><\/h2>\n\n\n\n<p class=\"kt-adv-heading3438_49098c-4a wp-block-kadence-advancedheading\" data-kb-block=\"kb-adv-heading3438_49098c-4a\">There are key differences between tokenization and encryption:<\/p>\n\n\n\n<ul style=\"font-size:clamp(14px, 0.875rem + ((1vw - 3.2px) * 0.227), 16px);font-style:normal;font-weight:500\" class=\"wp-block-list blockera-block blockera-block-13bkcjc has-manrope-font-family\">\n<li>Tokenization separates sensitive data completely from the token<\/li>\n\n\n\n<li>Encryption maintains a mathematical relationship to the original data<\/li>\n<\/ul>\n\n\n\n<p class=\"kt-adv-heading3438_d2f93c-c3 wp-block-kadence-advancedheading\" data-kb-block=\"kb-adv-heading3438_d2f93c-c3\">Encrypted data security depends on the encryption algorithm and the protection of encryption keys. Tokenization on the other hand allows flexible token formats and lengths, removed any direct relationship to the original data, and eliminates the need for local key management. <\/p>\n\n\n\n<figure class=\"wp-block-kadence-image kb-image3438_0598d7-59 size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"483\" height=\"401\" src=\"https:\/\/complior.se\/wp-content\/uploads\/2023\/07\/Token-blog-02.png\" alt=\"\" class=\"kb-img wp-image-51003\" srcset=\"https:\/\/complior.se\/wp-content\/uploads\/2023\/07\/Token-blog-02.png 483w, https:\/\/complior.se\/wp-content\/uploads\/2023\/07\/Token-blog-02-300x249.png 300w, https:\/\/complior.se\/wp-content\/uploads\/2023\/07\/Token-blog-02-14x12.png 14w\" sizes=\"auto, (max-width: 483px) 100vw, 483px\" \/><\/figure>\n<\/div>\n\n\n\n<div class=\"wp-block-group blockera-block blockera-block-hml53k is-vertical is-layout-flex wp-container-core-group-is-layout-b2c973f4 wp-block-group-is-layout-flex\">\n<h2 class=\"kt-adv-heading3438_f2046a-c8 wp-block-kadence-advancedheading\" data-kb-block=\"kb-adv-heading3438_f2046a-c8\">Business impact<\/h2>\n\n\n\n<p class=\"kt-adv-heading3438_2b32a1-68 wp-block-kadence-advancedheading\" data-kb-block=\"kb-adv-heading3438_2b32a1-68\">By transferring cardholder data off-premise, organizations can reduce security costs, lower operational complexity, minimize PCI DSS audit scope. The less sensitive data is stored locally, the easier and cheaper it&#8217;s to secure systems and pass audits. <\/p>\n\n\n\n<div class=\"wp-block-uagb-buttons uagb-buttons__outer-wrap uagb-btn__default-btn uagb-btn-tablet__default-btn uagb-btn-mobile__default-btn uagb-block-2ab15fae\"><div class=\"uagb-buttons__wrap uagb-buttons-layout-wrap\">\n<div class=\"wp-block-uagb-buttons-child uagb-buttons__outer-wrap uagb-block-d12e540a wp-block-button scale-hover\"><div class=\"uagb-button__wrapper\"><a class=\"uagb-buttons-repeater wp-block-button__link\" aria-label=\"\" href=\"http:\/\/complior.se\/en\/contact\/\" rel=\"follow noopener\" target=\"_self\" role=\"button\"><div class=\"uagb-button__link\">Contact us<\/div><span class=\"uagb-button__icon uagb-button__icon-position-after\"><svg xmlns=\"https:\/\/www.w3.org\/2000\/svg\" viewbox=\"0 0 448 512\" aria-hidden=\"true\" focussable=\"false\"><path d=\"M438.6 278.6l-160 160C272.4 444.9 264.2 448 256 448s-16.38-3.125-22.62-9.375c-12.5-12.5-12.5-32.75 0-45.25L338.8 288H32C14.33 288 .0016 273.7 .0016 256S14.33 224 32 224h306.8l-105.4-105.4c-12.5-12.5-12.5-32.75 0-45.25s32.75-12.5 45.25 0l160 160C451.1 245.9 451.1 266.1 438.6 278.6z\"><\/path><\/svg><\/span><\/a><\/div><\/div>\n<\/div><\/div>\n<\/div>\n<\/div><\/div>","protected":false},"excerpt":{"rendered":"<p>\t\t\t\t\t\tTokenization replaces cardholder data with an \u201calias\u201d, a separate random-generated value called a token. Learn more on the blog<\/p>","protected":false},"author":2,"featured_media":51000,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"blogg","format":"standard","meta":{"_editorskit_title_hidden":false,"_editorskit_reading_time":2,"_editorskit_is_block_options_detached":false,"_editorskit_block_options_position":"{}","_eb_attr":"","inline_featured_image":false,"_uag_custom_page_level_css":"","wpm_timeformat":"","_wpm_styles":"","footnotes":""},"categories":[118],"tags":[117,127,128],"class_list":["post-3438","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-blogg","tag-blog","tag-pci","tag-pci-dss"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.4 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Can tokenization reduce PCI DSS audit scope? - Complior<\/title>\n<meta name=\"description\" content=\"Tokenization replaces cardholder data with an \u201calias\u201d, a separate random-generated value called a token. Learn more on the blog\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/complior.se\/en\/can-tokenization-reduce-pci-dss-audit-scope\/\" \/>\n<meta property=\"og:locale\" content=\"en_GB\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Can tokenization reduce PCI DSS audit scope? - Complior\" \/>\n<meta property=\"og:description\" content=\"Tokenization replaces cardholder data with an \u201calias\u201d, a separate random-generated value called a token. Learn more on the blog\" \/>\n<meta property=\"og:url\" content=\"https:\/\/complior.se\/en\/can-tokenization-reduce-pci-dss-audit-scope\/\" \/>\n<meta property=\"og:site_name\" content=\"Complior\" \/>\n<meta property=\"article:published_time\" content=\"2020-11-22T11:16:00+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2026-04-09T11:16:26+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/complior.se\/wp-content\/uploads\/2020\/11\/Token-blog-03-scaled.png\" \/>\n\t<meta property=\"og:image:width\" content=\"2560\" \/>\n\t<meta property=\"og:image:height\" content=\"1375\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"Kikki Bostrom\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Kikki Bostrom\" \/>\n\t<meta name=\"twitter:label2\" content=\"Estimated reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/complior.se\\\/can-tokenization-reduce-pci-dss-audit-scope\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/complior.se\\\/can-tokenization-reduce-pci-dss-audit-scope\\\/\"},\"author\":{\"name\":\"Kikki Bostrom\",\"@id\":\"https:\\\/\\\/complior.se\\\/#\\\/schema\\\/person\\\/841f8a57425589a6d7f13c201d345016\"},\"headline\":\"Can tokenization reduce PCI DSS audit scope?\",\"datePublished\":\"2020-11-22T11:16:00+00:00\",\"dateModified\":\"2026-04-09T11:16:26+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/complior.se\\\/can-tokenization-reduce-pci-dss-audit-scope\\\/\"},\"wordCount\":466,\"publisher\":{\"@id\":\"https:\\\/\\\/complior.se\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/complior.se\\\/can-tokenization-reduce-pci-dss-audit-scope\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/complior.se\\\/wp-content\\\/uploads\\\/2020\\\/11\\\/Token-blog-03-scaled.png\",\"keywords\":[\"Blog\",\"PCI\",\"PCI DSS\"],\"articleSection\":[\"Blogg\"],\"inLanguage\":\"en-GB\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/complior.se\\\/can-tokenization-reduce-pci-dss-audit-scope\\\/\",\"url\":\"https:\\\/\\\/complior.se\\\/can-tokenization-reduce-pci-dss-audit-scope\\\/\",\"name\":\"Can tokenization reduce PCI DSS audit scope? - Complior\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/complior.se\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/complior.se\\\/can-tokenization-reduce-pci-dss-audit-scope\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/complior.se\\\/can-tokenization-reduce-pci-dss-audit-scope\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/complior.se\\\/wp-content\\\/uploads\\\/2020\\\/11\\\/Token-blog-03-scaled.png\",\"datePublished\":\"2020-11-22T11:16:00+00:00\",\"dateModified\":\"2026-04-09T11:16:26+00:00\",\"description\":\"Tokenization replaces cardholder data with an \u201calias\u201d, a separate random-generated value called a token. Learn more on the blog\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/complior.se\\\/can-tokenization-reduce-pci-dss-audit-scope\\\/#breadcrumb\"},\"inLanguage\":\"en-GB\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/complior.se\\\/can-tokenization-reduce-pci-dss-audit-scope\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-GB\",\"@id\":\"https:\\\/\\\/complior.se\\\/can-tokenization-reduce-pci-dss-audit-scope\\\/#primaryimage\",\"url\":\"https:\\\/\\\/complior.se\\\/wp-content\\\/uploads\\\/2020\\\/11\\\/Token-blog-03-scaled.png\",\"contentUrl\":\"https:\\\/\\\/complior.se\\\/wp-content\\\/uploads\\\/2020\\\/11\\\/Token-blog-03-scaled.png\",\"width\":2560,\"height\":1375,\"caption\":\"image of a data server and a credit card, in a cartoon style\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/complior.se\\\/can-tokenization-reduce-pci-dss-audit-scope\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/complior.se\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Can tokenization reduce PCI DSS audit scope?\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/complior.se\\\/#website\",\"url\":\"https:\\\/\\\/complior.se\\\/\",\"name\":\"Complior\",\"description\":\"Security beyond compliance\",\"publisher\":{\"@id\":\"https:\\\/\\\/complior.se\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/complior.se\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-GB\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/complior.se\\\/#organization\",\"name\":\"Complior\",\"url\":\"https:\\\/\\\/complior.se\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-GB\",\"@id\":\"https:\\\/\\\/complior.se\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/complior.se\\\/wp-content\\\/uploads\\\/2025\\\/06\\\/Complior_logo_dark-scaled.png\",\"contentUrl\":\"https:\\\/\\\/complior.se\\\/wp-content\\\/uploads\\\/2025\\\/06\\\/Complior_logo_dark-scaled.png\",\"width\":2560,\"height\":960,\"caption\":\"Complior\"},\"image\":{\"@id\":\"https:\\\/\\\/complior.se\\\/#\\\/schema\\\/logo\\\/image\\\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/complior.se\\\/#\\\/schema\\\/person\\\/841f8a57425589a6d7f13c201d345016\",\"name\":\"Kikki Bostrom\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-GB\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/d3a78a33b10cfcbf5a04f53b522f24d176544c6ab014b5174854b6bb92287e13?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/d3a78a33b10cfcbf5a04f53b522f24d176544c6ab014b5174854b6bb92287e13?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/d3a78a33b10cfcbf5a04f53b522f24d176544c6ab014b5174854b6bb92287e13?s=96&d=mm&r=g\",\"caption\":\"Kikki Bostrom\"},\"url\":\"https:\\\/\\\/complior.se\\\/en\\\/author\\\/kikki\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Can tokenization reduce PCI DSS audit scope? - Complior","description":"Tokenization replaces cardholder data with an \u201calias\u201d, a separate random-generated value called a token. Learn more on the blog","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/complior.se\/en\/can-tokenization-reduce-pci-dss-audit-scope\/","og_locale":"en_GB","og_type":"article","og_title":"Can tokenization reduce PCI DSS audit scope? - Complior","og_description":"Tokenization replaces cardholder data with an \u201calias\u201d, a separate random-generated value called a token. Learn more on the blog","og_url":"https:\/\/complior.se\/en\/can-tokenization-reduce-pci-dss-audit-scope\/","og_site_name":"Complior","article_published_time":"2020-11-22T11:16:00+00:00","article_modified_time":"2026-04-09T11:16:26+00:00","og_image":[{"width":2560,"height":1375,"url":"https:\/\/complior.se\/wp-content\/uploads\/2020\/11\/Token-blog-03-scaled.png","type":"image\/png"}],"author":"Kikki Bostrom","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Kikki Bostrom","Estimated reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/complior.se\/can-tokenization-reduce-pci-dss-audit-scope\/#article","isPartOf":{"@id":"https:\/\/complior.se\/can-tokenization-reduce-pci-dss-audit-scope\/"},"author":{"name":"Kikki Bostrom","@id":"https:\/\/complior.se\/#\/schema\/person\/841f8a57425589a6d7f13c201d345016"},"headline":"Can tokenization reduce PCI DSS audit scope?","datePublished":"2020-11-22T11:16:00+00:00","dateModified":"2026-04-09T11:16:26+00:00","mainEntityOfPage":{"@id":"https:\/\/complior.se\/can-tokenization-reduce-pci-dss-audit-scope\/"},"wordCount":466,"publisher":{"@id":"https:\/\/complior.se\/#organization"},"image":{"@id":"https:\/\/complior.se\/can-tokenization-reduce-pci-dss-audit-scope\/#primaryimage"},"thumbnailUrl":"https:\/\/complior.se\/wp-content\/uploads\/2020\/11\/Token-blog-03-scaled.png","keywords":["Blog","PCI","PCI DSS"],"articleSection":["Blogg"],"inLanguage":"en-GB"},{"@type":"WebPage","@id":"https:\/\/complior.se\/can-tokenization-reduce-pci-dss-audit-scope\/","url":"https:\/\/complior.se\/can-tokenization-reduce-pci-dss-audit-scope\/","name":"Can tokenization reduce PCI DSS audit scope? - Complior","isPartOf":{"@id":"https:\/\/complior.se\/#website"},"primaryImageOfPage":{"@id":"https:\/\/complior.se\/can-tokenization-reduce-pci-dss-audit-scope\/#primaryimage"},"image":{"@id":"https:\/\/complior.se\/can-tokenization-reduce-pci-dss-audit-scope\/#primaryimage"},"thumbnailUrl":"https:\/\/complior.se\/wp-content\/uploads\/2020\/11\/Token-blog-03-scaled.png","datePublished":"2020-11-22T11:16:00+00:00","dateModified":"2026-04-09T11:16:26+00:00","description":"Tokenization replaces cardholder data with an \u201calias\u201d, a separate random-generated value called a token. Learn more on the blog","breadcrumb":{"@id":"https:\/\/complior.se\/can-tokenization-reduce-pci-dss-audit-scope\/#breadcrumb"},"inLanguage":"en-GB","potentialAction":[{"@type":"ReadAction","target":["https:\/\/complior.se\/can-tokenization-reduce-pci-dss-audit-scope\/"]}]},{"@type":"ImageObject","inLanguage":"en-GB","@id":"https:\/\/complior.se\/can-tokenization-reduce-pci-dss-audit-scope\/#primaryimage","url":"https:\/\/complior.se\/wp-content\/uploads\/2020\/11\/Token-blog-03-scaled.png","contentUrl":"https:\/\/complior.se\/wp-content\/uploads\/2020\/11\/Token-blog-03-scaled.png","width":2560,"height":1375,"caption":"image of a data server and a credit card, in a cartoon style"},{"@type":"BreadcrumbList","@id":"https:\/\/complior.se\/can-tokenization-reduce-pci-dss-audit-scope\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/complior.se\/"},{"@type":"ListItem","position":2,"name":"Can tokenization reduce PCI DSS audit scope?"}]},{"@type":"WebSite","@id":"https:\/\/complior.se\/#website","url":"https:\/\/complior.se\/","name":"Complior","description":"Security beyond compliance","publisher":{"@id":"https:\/\/complior.se\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/complior.se\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-GB"},{"@type":"Organization","@id":"https:\/\/complior.se\/#organization","name":"Complior","url":"https:\/\/complior.se\/","logo":{"@type":"ImageObject","inLanguage":"en-GB","@id":"https:\/\/complior.se\/#\/schema\/logo\/image\/","url":"https:\/\/complior.se\/wp-content\/uploads\/2025\/06\/Complior_logo_dark-scaled.png","contentUrl":"https:\/\/complior.se\/wp-content\/uploads\/2025\/06\/Complior_logo_dark-scaled.png","width":2560,"height":960,"caption":"Complior"},"image":{"@id":"https:\/\/complior.se\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/complior.se\/#\/schema\/person\/841f8a57425589a6d7f13c201d345016","name":"Kikki Bostrom","image":{"@type":"ImageObject","inLanguage":"en-GB","@id":"https:\/\/secure.gravatar.com\/avatar\/d3a78a33b10cfcbf5a04f53b522f24d176544c6ab014b5174854b6bb92287e13?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/d3a78a33b10cfcbf5a04f53b522f24d176544c6ab014b5174854b6bb92287e13?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/d3a78a33b10cfcbf5a04f53b522f24d176544c6ab014b5174854b6bb92287e13?s=96&d=mm&r=g","caption":"Kikki Bostrom"},"url":"https:\/\/complior.se\/en\/author\/kikki\/"}]}},"uagb_featured_image_src":{"full":["https:\/\/complior.se\/wp-content\/uploads\/2020\/11\/Token-blog-03-scaled.png",2560,1375,false],"thumbnail":["https:\/\/complior.se\/wp-content\/uploads\/2020\/11\/Token-blog-03-150x150.png",150,150,true],"medium":["https:\/\/complior.se\/wp-content\/uploads\/2020\/11\/Token-blog-03-300x161.png",300,161,true],"medium_large":["https:\/\/complior.se\/wp-content\/uploads\/2020\/11\/Token-blog-03-768x413.png",768,413,true],"large":["https:\/\/complior.se\/wp-content\/uploads\/2020\/11\/Token-blog-03-1024x550.png",1024,550,true],"1536x1536":["https:\/\/complior.se\/wp-content\/uploads\/2020\/11\/Token-blog-03-1536x825.png",1536,825,true],"2048x2048":["https:\/\/complior.se\/wp-content\/uploads\/2020\/11\/Token-blog-03-2048x1100.png",2048,1100,true],"trp-custom-language-flag":["https:\/\/complior.se\/wp-content\/uploads\/2020\/11\/Token-blog-03-18x10.png",18,10,true]},"uagb_author_info":{"display_name":"Kikki Bostrom","author_link":"https:\/\/complior.se\/en\/author\/kikki\/"},"uagb_comment_info":0,"uagb_excerpt":"Tokenization replaces cardholder data with an \u201calias\u201d, a separate random-generated value called a token. Learn more on the blog","_links":{"self":[{"href":"https:\/\/complior.se\/en\/wp-json\/wp\/v2\/posts\/3438","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/complior.se\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/complior.se\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/complior.se\/en\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/complior.se\/en\/wp-json\/wp\/v2\/comments?post=3438"}],"version-history":[{"count":10,"href":"https:\/\/complior.se\/en\/wp-json\/wp\/v2\/posts\/3438\/revisions"}],"predecessor-version":[{"id":80439,"href":"https:\/\/complior.se\/en\/wp-json\/wp\/v2\/posts\/3438\/revisions\/80439"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/complior.se\/en\/wp-json\/wp\/v2\/media\/51000"}],"wp:attachment":[{"href":"https:\/\/complior.se\/en\/wp-json\/wp\/v2\/media?parent=3438"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/complior.se\/en\/wp-json\/wp\/v2\/categories?post=3438"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/complior.se\/en\/wp-json\/wp\/v2\/tags?post=3438"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}