This concept is similar to the way token-based systems are set up in the financial world. Perhaps you purchase an item online. Rather than sending your debit or credit card information to the merchant, the system turns your data into a random number. This number, or token, then passes through the transaction process in the same way your card information would, notes Hall.
Within the system, it can be used to make a purchase. Outside of the system, it is just a string of numbers and has no value.
Why it's considered safe
"Hackers are getting more and more sophisticated," says Taggart. It's reasonable to expect that criminals always will be looking for ways to access sensitive information, such as credit and debit card data.
And that's the beauty of systems that use tokens. These setups "translate the data so it's completely useless to anyone other than the merchants," explains Taggart.
Looking back, this technology also offers valuable insight into recent data breaches at large retailers. In those cases, hackers wanted to access the vast amounts of card information stored on file.
Had Apple Pay or another token-based payment setup been used by the majority of shoppers, it's possible that sensitive data may not have been stored in the same way. With tokenization, for instance, there's no card number kept on file with merchants. "Even if they're breached, the only things that are breached are random numbers that don't mean anything to anyone," says Taggart.
How it compares to EMV
EMV-enabled cards and tokenization are designed to make payment information more secure, says Randy Hopper, vice president of credit cards and business optimization at Navy Federal Credit Union. "They just do it in different ways and forms."
EMV cards offer a higher level of security than traditional cards that carry a magnetic stripe. That's because the magnetic stripe on a debit card or credit card contains information that doesn't change. So if a criminal copies the stripe, the information can be used repeatedly.
EMV cards have an embedded microchip, and the chip encrypts information during a transaction. This protects against the counterfeiting of cards.
When sending the information via an EMV card, a code is generated. While this code can be used for the transaction, it cannot be used again. That means if a thief obtains the chip information used during one particular purchase, that information cannot be used again.
"EMV is primarily for point-of-sale payments," Hopper says. It offers protection when you swipe your card at the register.
Tokenization, on the other hand, is more focused on card-not-present transactions, says Hopper. In other words, it boosts security for online and digital transactions. "When a consumer is shopping online, the card information is no longer being passed through the payment system," he says.
How it will affect everyday purchases
While the technology used to process transactions may undergo changes, the result will not be very visible to those shopping with credit cards and debit cards, Hopper says. By and large, consumers will "continue to use cards in the same way they do today."
There may be minor glimpses into tokenization if you look closely, Hopper adds. For instance, in Apple Pay, if you browse in the settings for cards, you'll see the last four digits of your card. You may also spot the last four digits of the device number listed. The device number serves as the token.
Merchants will note more adjustments than consumers to support the changes in technology. Among the advantages they'll gain, however, is a tighter level of security. When it comes to using a token-based setup, "the bottom line is everyone in the payments ecosystem -- including merchants, consumers and financial institutions -- benefits," explains Hall.
What Apple's adoption of tokenization means
"Apple Pay will shake up the payment industry in a big way," notes Malte Pollmann, CEO of Utimaco, a manufacturer of hardware-based security solutions.
While tokenization isn't a new technology, Apple's approach to using it has the potential to make big shifts. "The difference between Apple and previous industry attempts to disrupt the mobile payments market is Apple's ability to package existing technology into a viable and user-friendly solution -- with the support of card issuers," explains Pollmann.
How it could be used in the future
"If the security, telecom and financial services industries get it right, customers will increasingly trust new mobile payment models," says Pollmann.
In addition to seeing new payment systems similar to Apple's, this technology could branch into other areas.
Consider the medical industry, for instance. It's possible that confidential information, such as medical records and prescription information, could be replaced with a token, explains Hall.
Furthermore, sensitive personal information, such as Social Security numbers and driver's license numbers, could potentially be stored as tokens as well.
The process will take time, Hall says. Still, in the financial industry and others, the potential benefits are many. Perhaps the best perk will be the ability to use debit cards and credit cards without worrying about whose hands the card information could land in.