In view of rapid development of payment card data protection technologies, every merchant services industry player has to understand different approaches to and methods of ensuring data security, and be able to tell the difference between them. Particular attention should be given to the difference between tokenization appliances and hardware security modules (HSM). These two types of devices serve one global purpose of cardholder data protection, but perform different tasks. Such functions as encryption and decryption of card numbers and PINs, as well as verification of security codes and EMV cryptograms are performed by an HSM. However, if tokenization functionality is needed, you have to acquire a tokenization appliance, license tokenization (vault) software, or develop it yourself.
More information on HSM and tokenization appliances can be found in the respective article on #Paylosophy.