Tokenization

Registration Tokens

Imagine you run an online store and want to offer your customers the convenience of one-click checkout. Registration Tokens are your solution.

Challenges Resolved by Registration Tokens

Simplifies PCI Compliance

By removing sensitive data from your environment, Registration Tokens help you meet PCI compliance requirements more easily, as seen in the case of a small online boutique that avoids storing sensitive card information, reducing costs and complexities associated with securing card data.

Enhances Security

Registration Tokens reduce the risk of data breaches by not storing sensitive card data, exemplified by a subscription-based streaming service that uses tokens instead of storing card details, making stolen tokens useless to hackers.

Improves Customer Experience

Registration Tokens speed up the checkout process, making it more convenient for customers, such as a frequent traveler who can quickly complete bookings with a single click through an airline’s mobile app, enhancing their overall experience.

Versatility Across Payment Methods

Registration Tokens are not limited to card payments. They can also be applied to virtual accounts (such as PayPal) or direct debits (such as SEPA IBAN-based payments). This flexibility allows merchants to offer a variety of payment options while maintaining security and convenience.

No Onboarding Required

Unlike other tokenization methods, Registration Tokens do not require onboarding with any vault. You simply register a card (or tokenize a card) and receive a UUID registration that can be used in payments. This simplifies the implementation process for merchants.

Deregistration Capability

Registration Tokens can be deregistered, meaning that the tokenized card or non-card payment method can be deactivated and no longer used in payments. This feature provides additional control and security for both merchants and customers.

Benefits

• Simplifies PCI Compliance: Helps meet PCI compliance requirements by removing sensitive data from your environment.
• Enhances Security: Reduces the risk of data breaches by not storing sensitive card data.
• Improves Customer Experience: Speeds up the checkout process, making it more convenient for customers.
• Versatility: Applies to both card and non-card payment methods, such as virtual accounts and direct debits.
• No Onboarding Required: Easy implementation without the need for onboarding with a token vault.
• Deregistration Capability: Allows for deactivation of tokens, providing additional control and security.

Example

A customer shopping on your online store can save their card details securely using a Registration Token. The next time they shop, they can complete their purchase with just one click, without having to re-enter their card details. This convenience can lead to increased customer satisfaction and loyalty. Additionally, if the customer decides to stop using a particular payment method, the registration token can be deregistered, ensuring it cannot be used for future transactions.

Omni Tokens

Suppose you operate both an online store and several physical locations. You want to provide a unified loyalty program that rewards customers for their purchases across all channels. Omni Tokens are designed for this purpose.

Challenges Resolved by Omni Tokens

Ownership and Control

Omni tokens are unique to, and owned by, the merchant. They are format-preserving and can be used freely across the merchant environment. This ownership allows for improved customer service and loyalty programs, seamless third-party integration, and faster internal reporting, accounting, and reconciliation. For example, a retailer can integrate omni tokens with their CRM system to provide personalized offers based on a customer’s purchase history.

Seamless Omni-Channel Customer Journeys

Omni tokens support smooth, frictionless payments across channels and borders. This includes subscription/recurring payments, as well as “Buy Online, Pick Up In-Store” (BOPIS), returns (including “Buy Online, Return In-Store” (BORIS)), and refunds—even when the cardholder’s card is not present. For instance, a customer can order a product online and pick it up in-store without any payment issues, or return an online purchase at a physical location seamlessly. This ensures a consistent and convenient shopping experience for customers.

Enhanced Customer Profiling

Omni tokens give merchants visibility into a customer’s purchasing activities across channels. They allow the storage of card-related payments data and other custom data along with the token. This enhanced profiling helps in understanding customer behavior and preferences, enabling more personalized marketing and loyalty programs. For example, a coffee shop chain can track a customer’s preferences and purchase frequency to offer tailored promotions and rewards.

Superior Data Security

Omni tokens protect merchants against sensitive data breaches and reduce the scope of PCI compliance. By reducing the value of underlying sensitive data, omni tokens add an invisible layer of security, making it difficult for criminals to use stolen credentials fraudulently. This means that even if a data breach occurs, the stolen data is useless to attackers, protecting both the merchant and the customer.

Efficiency and Control

Omni tokens create improved omnichannel customer experiences by offering complete ownership for greater flexibility, control, and reporting. They maintain PCI compliance without compromising other card-dependent functions, ensuring that all sensitive data is shielded while allowing seamless integration with internal and external processes. For example, a merchant can use omni tokens to streamline their accounting and reconciliation processes, reducing administrative overhead and improving accuracy.

Onboarding with the Token Vault

Omni tokens require onboarding with the Token Vault. This onboarding process ensures that the omni tokens are only bound to the onboarded entity, whether it be a merchant or a payment service provider (PSP). This binding enhances security and control over the tokens, ensuring that they are used only by the authorized entity.

Benefits

• Enhances Customer Retention: Enables omnichannel loyalty programs, encouraging repeat business.
• Simplifies Multi-Channel Payment Processing: Use a single token for both online and in-store transactions.
• Provides a Seamless Shopping Experience: Customers enjoy a consistent experience across all channels.
• Improves Customer Profiling: Better visibility into customer purchasing activities across channels.
• Increases Data Security: Protects against data breaches and reduces PCI compliance scope.
• Enhances Flexibility and Control: Complete ownership of tokens allows for greater flexibility in managing customer data and integrating with external partners.

Tips for getting started

• Integration: Ensure seamless integration with your existing systems for both online and in-store transactions.
• Data Management: Utilize the enhanced customer profiling capabilities to tailor your marketing and loyalty programs.
• Security Measures: Implement omni tokens to enhance data security and reduce PCI compliance scope.
• Onboarding: Complete the onboarding process with the Token Vault to ensure omni tokens are securely bound to your entity.

Example

Consider a scenario where a customer earns loyalty points whether they purchase a coffee online or in-store. Omni tokens allow you to track these purchases and reward the customer based on their total spending, providing a seamless and rewarding shopping experience. Additionally, if a customer decides to return an item bought online to a physical store, the omni token ensures that the return process is smooth and hassle-free, even if the cardholder’s card is not present.

Network Tokens

Imagine you run a global eCommerce platform. You face the constant challenge of reducing fraud and ensuring high transaction approval rates. Network tokens, provided by card networks like Visa or Mastercard, can be a game-changer.

Challenges Resolved by Network Tokens

Out-of-date Accounts

One of the biggest challenges in eCommerce is dealing with stored card details that become unusable when cards are lost, stolen, or expired. This often leads to cart abandonment, as studies indicate that 35% of cardholders stop shopping after their card has been declined once. Network tokens address this issue by being proactively updated in real-time by issuing banks. This means that lost, stolen, or expired cards become irrelevant, allowing customers to continue using one-click checkout without interruptions. For subscription-based models, this is particularly beneficial as it protects recurring payments and reduces operational costs associated with contacting consumers about expired cards.

Increased Fraud

Merchants in the United States lost about $3.75 for every dollar of online fraud in 2022, with costs increasing nearly 20% compared to 2019. Fraudsters have shifted to card-not-present transactions, increasing the burden on merchants. Network tokens help mitigate this by involving the issuer in the approval process, shifting the risk assessment and liability from the merchant to the issuer. This reduces the cost of fraud and enhances security across the payment ecosystem. By ensuring that fraud at one merchant does not affect other merchants using the same PAN, network tokens build a more secure and trustworthy environment.

False Declines

Authorization rates for merchants often remain below 90%, with false declines leading to lost sales and customer dissatisfaction. Network tokens can significantly improve acceptance rates by involving the issuer in the token approval process. This higher level of trust reduces declines due to outdated card information, ensuring seamless transactions and reducing involuntary churn, especially for subscription businesses. By keeping card details up to date, network tokens enhance the overall customer experience.

Card Data Protection

Payment card data can be stolen at various points, including where it is entered, stored, or transmitted. Network tokens reduce the value of underlying sensitive data, adding an invisible layer of security. Cardholder-initiated transactions require a dynamic cryptogram, which further enhances security. This makes it difficult for criminals to use stolen credentials fraudulently, ensuring secure transactions and protecting both merchants and consumers.

Too Much Friction

With Strong Customer Authentication (SCA) requirements in Europe, card-based payments have become more secure but also more cumbersome for consumers. The additional security checks have introduced friction, leading to approval rate declines. Network tokens can be used for 3D Secure authentication, allowing issuers to silently authenticate cardholders and go frictionless without triggering any challenge process. This reduces friction in the checkout process, improving the customer experience and maintaining high approval rates.

Increased Costs

Merchants pay interchange fees as part of the merchant discount rate (MDR), which can be substantial. Visa and Mastercard have adjusted these fees to encourage the use of network tokens. Visa, for instance, offers reduced interchange fees by up to 10 basis points for transactions using network tokens, while increasing fees for PAN-based transactions. At high transaction volumes, the cost savings from using network tokens can be significant, making them a financially attractive option for merchants.

Benefits

• Reduces Fraud: Secure tokens replace sensitive card details, reducing the risk of unauthorized use.
• Improves Authorization Rates: Involving the issuer in the tokenization process leads to higher transaction approval rates.
• Enhances Customer Experience: Keeps card details up to date, ensuring smooth transactions.
• Cost Savings: Reduces fraud-related losses and lowers interchange fees.
• Compliance: Helps merchants comply with PCI DSS by minimizing the storage of sensitive card data.

Tips for getting started

• 3D Secure: Using 3D Secure with network tokens can shift the liability for fraudulent transactions to the issuer, providing an extra layer of security.
• Real-Time Account Updater: Ensures you have the most current card details, even though network tokens update dynamically.
• Onboarding: Each card scheme requires separate onboarding. Ensure you onboard with each scheme individually to fully leverage network tokens.

Example

Consider a scenario where a customer’s card is stolen. With traditional card-on-file methods, the merchant would need to manually update the card details, which could lead to service interruptions and potential fraud. However, with network tokens, the token updates automatically, ensuring that the customer’s service continues uninterrupted and the risk of fraud is minimized.

External Tokens

Consider you accept payments through an acquirer that generates its own tokens. External Tokens allow you to securely process payments and store tokens for future transactions with the same acquirer.

Benefits

• Enhances Security: Uses tokens generated by trusted acquirers, reducing the risk of data breaches.
• Simplifies Payment Processing: Streamlines transactions with specific acquirers.
• Flexible Token Storage: Tailored to your business needs, allowing for various storage options.

Example

When a customer makes a purchase through your store, an External Token is generated. This token can be stored and used for future transactions with Square, ensuring secure and efficient payment processing.

ApplePay Tokens

Imagine you run an online store that caters to a large number of Apple device users. Apple Pay Merchant Tokens (MPANs) securely link your customers’ payment cards to your business through their Apple Wallet. By using MPANs, you can offer a seamless payment experience that works across multiple devices and supports recurring transactions without being tied to any single device. This ensures that even if your customers change or lose their devices, their payment information remains accessible and secure.

Key Benefits of Using MPANs

• Multi-device continuity: Hassle-free payments across all devices.
• Device-independent recurring payments: Perfect for subscriptions or regular purchases.
• Persistent payment information: Safeguards against device loss or theft.
• Lifecycle management tools: Track token activity and revocation status.

Additional Benefits

• Enhanced Security: Apple Pay tokens replace sensitive card details with secure tokens, reducing the risk of unauthorized use. Each transaction is authorized with a one-time unique dynamic security code.
• Improved Customer Experience: Apple Pay tokens streamline the checkout process for Apple device users, allowing them to complete purchases quickly and easily using Face ID, Touch ID, or their device passcode.
• Increased Trust: Customers are more likely to trust and use a payment method that is known for its security and ease of use, potentially increasing your sales.

Types MPAN Requests

• Automatic Reload: For automatic top-ups, like adding funds to a store card.
• Recurring Payment: For subscriptions, such as monthly streaming services.
• Deferred Payment: For future payments, like booking a hotel room.

How to Get an MPAN

Follow our guidelines here. Ensure your card issuer supports MPAN generation.

Example

A customer shopping on your online store using their iPhone can use Apple Pay to complete their purchase with just a touch or a glance. The Apple Pay token ensures that their card details are never shared with the merchant, providing a secure and convenient payment experience.