Goal: Store your client's credit card numbers safely so you can charge them for multiple invoices.
Challenge: How can a small design firm do this safely when firms as large as Target are unable to?
Solution: Don't store the actual credit numbers, but "tokenize" them.
Background: When your clients provide you with their credit card number, it is important to store it in the safest way possible. Millions of businesses do this by using a technology called "tokenization". The way it works is that you enter the credit card number into your software program. The number is sent to something known as a payment gateway provider. This provider will store the actual card number and send back to the software program a "token" which is string of letters and/or numbers. The software program stores this token. When it is time to charge the client's credit card, the software program uses this token rather than the actual card number. The charge transaction works exactly the same as if the credit card number was sent.
The main benefit of tokenization is that it means that you are not storing actual credit card numbers. If your computer is stolen, or you have a dishonest employee, the tokens are meaningless.
Sound scary and complicated? It can be, but it doesn't need to be. Here are some important bottom lines: