Exploring Card Data Security

  • Release version: Zurich
  • Updated July 31, 2025
  • 1 minute to read

    • Learn more about Card Data Security and how it can be used to tokenize sensitive card data for Dispute Cases and Dispute Transactions.

    Card Data Security overview

    The Card Data Security application provides a tokenizer service that enables you to replace sensitive data in dispute workflows with non-sensitive equivalent values called tokens.

    You can configure data to be tokenized as it enters your ServiceNow instance, and have it restored to its original value when it is sent to Third-Party Systems.

    (Disclaimer: This application enables data tokenization capabilities for Dispute Cases and Dispute Transactions.)

    Other features of the tokenizer service are shown below:

    File Vaulting
    Securely store files with sensitive information in the tokenizer service vault.
    Document De-identification
    Redact predefined entities in images and PDFs.
    Embeddable SDKs
    Embed front-end SDKs into ServiceNow UIs.
    Vault type: Multi-Tenant
    Accounts are hosted on shared infrastructure, isolated by account and vault boundaries.

    For more information on these other features of the tokenizer service, refer to the tokenizer service documentation.

    Note:

    Check your entitlements to determine whether you have access to a feature.

    Card Data Security users

    Table 1. Users
    User Description
    Administrator

    Administrators manage the card vault table. They configure the connections and routes between your ServiceNow instance, our tokenizer service, and the third-party financial systems involved in Dispute Case and Dispute Transaction processing, such as card networks and core banking systems ("Third-Party System(s)").

    Card Data Security workflow

    The following graphic shows how our tokenizer service is designed to tokenize and detokenize data in Card Data Security.

    Figure 1. Tokenization data flow
    Infographic showing the flow of data being tokenized from Third-Party Systems, and the detokenization of sensitive data when sent to Third-Party Systems. For details, refer to the following description.
    1. Data retrieved from a Third-Party System that you configure is tokenized using our tokenizer service before it enters your ServiceNow instance.
    2. Tokenized data sent from your ServiceNow instance's dispute workflow can also be configured to be detokenized to its original value by our tokenizer service before it is sent to a Third-Party System.

    Card Data Security benefits

    Table 2. Card Data Security benefits
    Benefit Feature Users
    Use a card vault table to store tokenized values of configured data. Create the card vault table in the tokenizer service Administrator
    Manage each tokenizer configuration that sends and receives tokenized data with Third-Party Systems. Manage Tokenizer Resource Configurations Administrator

    What to explore next

    To learn more about configuring Card Data Security, see: