Security Solutions


Tenerum understands the risk involved in handling sensitive payment card information.  That is why we have created security solutions to protect your systems, your customers and your brand.

Our security solutions are the same solutions endorsed by the PCI Security Standards Council.


The process of exchanging sensitive payment card data with surrogate values and using those surrogate values to tender and adjust a payment. Once a payment card is supplied to the Tenerum Gateway it is safely stored in our encrypted host and issued a token. That token is then sent back to your system for storage and future adjustments.

The Tenerum Token Solution:

  • Cannot be reverse engineered to derive payment card account
  • Expires on the card expiration data
  • Can be updated with a new expiration date
  • Works throughout the entire client enterprise
  • The token never changes
  • Create new transactions with a token
  • Make updates and modifications to a transaction with a token
  • All transactions are tokenized in our system and there is no additional fee!

The process of encrypting sensitive payment account information immediately upon entry into the payment stream. The encrypted payment account information can then be safely handled within your POS or PMS system and remains encrypted until it reaches the Tenerum Gateway. We decrypt the transaction in order to read the account, issue a token and re-encrypt the transaction. The token is then transmitted back to your system for storage and future adjustments.

Tenerum P2PE Features include:

  • For swiped transactions, the sensitive card account information is encrypted as the card slides through the read-heads on a magnetic swipe reader.
  • For transactions manually entered on a secure encryption device, the payment card information is encrypted as soon as the entire payment card account information is completed.
  • Works with Magtek, IDTech and any other device that supports DUKPT encryption.

Removes the sensitive payment card data from ever touching your system(s). This solution puts the POS, PMS or other business system out of the scope of PCI since the payment card data never touches those systems.

POS De-scoping Options

Device De-scoping

Our POS Device De-scoping is an integrated solution that isolates the POS from the device thus reducing the scope of PCI DSS. The device is exclusively handled and controlled by the Tenerum Gateway.

How it Works?
The POS sends the transaction to the Tenerum Gateway without any payment card account information. This initiates the Tenerum Gateway to contact the device sitting next to the POS workstation requiring cardholder input (swipe, manual entry, PIN Debit, EMV). Once the cardholder completes the input of their account information, the data is encrypted and sent directly to the Gateway. The Tenerum Gateway matches up the transaction information it receives from the POS with the payment information it received from the device to complete the transaction. Once the transaction is completed it is sent for processing. After the transaction is processed, the Tenerum Gateway responds to the POS with an authorization code, relevant compliance and industry information along with a token for future adjustments. Simultaneously the Tenerum Gateway responds to the device confirming the cardholder payment was completed. The entire process takes seconds.

Browser De-scoping

Our browser based de-scoping service was created for any system that takes payments over the phone, whether it is a central reservation system or call center. With this solution, the sensitive payment card information is entered in a secure browser window served up by the Tenerum Gateway. Once the information is completed, the Tenerum Gateway tokenizes the card account information and makes it available to the requesting system. There is no software to load, it is completely handled by web-services calls to the Tenerum Gateway.