Which mechanism replaces real data with unique tokens?

Tokenization is the correct answer because it specifically involves the process of replacing sensitive data with unique identifiers called tokens. These tokens have no intrinsic value or meaning and cannot be used outside of the context defined by the tokenization system. This method enhances security by ensuring that the actual data (such as credit card numbers, social security numbers, etc.) is not stored or transmitted in its original form, thus reducing the risk of data breaches and unauthorized access.

In tokenization, the original data remains secure in a token vault, while tokens can be used in its place for transactions or other processes. This way, even if a token is intercepted, it cannot be easily reverse-engineered to obtain the original data.

Other options may reference methods of handling data, but they do not focus specifically on the act of creating tokens as a means of protecting sensitive information. For instance, data masking typically involves modifying data to make it less sensitive but still recognizable, which is different from completely replacing it with tokens. By understanding tokenization, one comprehends a vital strategy for protecting sensitive information in various industries.