How to Tokenize Bank Account Numbers
This blog series aims to make it easier to understand the new Automated Clearing House (ACH) security requirements for data at rest. Starting June 30, 2022, qualifying organizations are required to “protect deposit account information by rendering it unreadable when stored electronically.”
Why use tokenization?
We think tokenization is the ideal method to protect account information for four key reasons:
- Flexibility. Tokens can be easily passed between systems without each system needing logic to decrypt the data.
- Application. Anything that can be serialized can be tokenized. This extends tokenization to other types of data, like media. For example, encoded images, like scanned authorization forms, can be tokenized, then detokenized and decoded when needed.
- Ownership. Tokens provide continued access and control over the underlying data, but without the overhead.
- Enablement. Once secured, bank account information can be transformed, aliased, fingerprinted, and more. These capabilities enable a variety of operational use cases, like customer support operations; cost savings, like least-cost routing; and new products, services, and partnerships.
How to tokenize bank account numbers in three steps:
Basis Theory offers developers a secure, PCI-compliant and SOC 2 certified token vault and platform that allows your organization to quickly secure your banking details with a single tokenization API call.
Collecting bank account information
To collect this data from users seamlessly in your application, be sure to check out our guide on how to collect bank accounts with Basis Theory’s Elements.
Using Atomic Banks
Basis Theory offers a dedicated bank token type, called an Atomic Bank. This token combines the account number and routing number into a single Token. If you would rather store them separately, you can tokenize each of these data types individually.
Creating an Atomic Bank
To create an Atomic Bank, simply call our Atomic Bank API with the account number and routing number you’d like to store.
Here is an example of how you’d accomplish that:
Requesting a Token ID
Token IDs are your reference back to the underlying sensitive data secured within Basis Theory’s vault. You will store these references within your system, enabling you to retrieve the bank data back from Basis Theory whenever you need it.
Receiving a Token ID
And, you’re done. You've now received an Atomic Bank that is fully compliant with Nacha’s new Security Compliance Requirements for ACH transactions.
In addition to securing your bank account details, we also automatically provide you with a masked value that is safe to store and display.
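The storage pattern described above (the account number lives in the vault, your system keeps only the Token ID and the masked value), as an added example that is not from the original post and does not use Basis Theory's API. `ToyVault`, its methods, the field names, the 4-17 digit length check and the sample numbers are hypothetical or constructed, and the in-memory dictionary stands in for a vault that encrypts its records at rest.

```python
import hashlib
import hmac
import json
import uuid


class ToyVault:
    """Stand-in for a token vault. Hypothetical class, not the Basis Theory API.
    A real vault encrypts its records at rest and sits behind access control."""

    def __init__(self, fingerprint_key: bytes):
        self._records = {}            # token id -> serialized sensitive data
        self._key = fingerprint_key   # used only to derive fingerprints

    def tokenize_bank(self, routing_number: str, account_number: str) -> dict:
        if not (routing_number.isdigit() and len(routing_number) == 9):
            raise ValueError("routing number must be 9 digits")
        if not (account_number.isdigit() and 4 <= len(account_number) <= 17):
            raise ValueError("account number must be 4-17 digits")  # assumed bounds
        token_id = str(uuid.uuid4())  # random, so it reveals nothing about the data
        payload = json.dumps({"routing_number": routing_number,
                              "account_number": account_number})
        self._records[token_id] = payload
        # Keyed hash: equal accounts can be matched without exposing the number.
        fingerprint = hmac.new(self._key, payload.encode(), hashlib.sha256).hexdigest()
        masked = "X" * (len(account_number) - 4) + account_number[-4:]
        return {"id": token_id, "masked_account_number": masked,
                "fingerprint": fingerprint}

    def detokenize(self, token_id: str) -> dict:
        return json.loads(self._records[token_id])


def find_raw_account_numbers(app_rows: list, known_numbers: list) -> list:
    """Return every known account number that appears in the application's rows."""
    blob = json.dumps(app_rows)
    return [n for n in known_numbers if n in blob]


# Constructed sample values, not real bank details.
ROUTING, ACCOUNT = "021000021", "1234567890"
vault = ToyVault(fingerprint_key=b"constructed-demo-key")
token = vault.tokenize_bank(ROUTING, ACCOUNT)
# The application database keeps only the token ID and the masked value.
customer_rows = [{"customer": "c-1001", "bank_token_id": token["id"],
                  "display": token["masked_account_number"]}]
```

Running `find_raw_account_numbers` over an export of your own tables with a set of known test account numbers is a quick check that no code path still writes the raw value outside the vault.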