Tokenization in eCommerce Payments

Sometimes our customers ask questions connected with tokenization of eCommerce transactions. Let me focus on this topic below.

There are multiple meanings of tokenization in case of eCommerce payments.

Payment Scheme Tokenization

I think that nowadays term tokenization is the most commonly used in the context of VISA or Mastercard card tokenization. Both payment schemes implemented tokenization systems (MDES and VTS) which were first used on mobile phones but today are also used for eCommerce transactions. In such situations, tokenization means that a regular Mastercard or VISA payment card gets connected to a token which is a kind of virtual card number and once this mapping happens, the user is using the token to initiate payment transactions from those cards. An example of such a use case could be Netflix which enables their users to add cards to the service and in many geographies they map cards with tokens and for all transactions a token is used rather than a regular card. In case of a security breach, a thief will steal token numbers and not card numbers.

Card on File Tokenization

Very often term tokenization is used in the context of regular Card on File projects. Card on File is a solution that enables merchants or acquirers to enable card payments without asking all the time for card number entry by the user. A card is held "on file" which means that it is saved in the system of merchant, acquirer, processor and can be used any time the user confirms a transaction. In such a context, tokenization can be enabled without VISA or Mastercard and tokens are owned by the processor or acquirer and shared with the merchant. In case of security breach to the merchant, real card numbers are not exposed because they are safely kept by a PCI DSS compliant processor.

Apple or Google Pay Tokenization

Sometimes tokenization in eCommerce is used in the context of Apple Pay and Google Pay transactions. In those projects the system works very similarly to the standard Payment Scheme Tokenization described above, but iOS and Android devices are used to authenticate the user and the transaction. Apple and Google enable various endpoints that merchants or acquirers can connect to and allow tokenization. Transactions are processed in a similar way to regular Mastercard or VISA transactions.

Advantages of Using Tokenization

Usually, main advantages or using tokenization are connected with security and minimising PCI DSS requirements that merchant must fulfill. PCI DSS (Payment Card Industry Data Security Standards) require that each entity, which holds and processes card data, performs a set of actions to make sure that cards are securely processed. Very often tokenization brings additional benefits like cost optimisation and user experience improvements.

However, once you think about such a project, take seriously all potential long term impacts. If you do a project directly with your acquiring institution you may get seriously impacted in case you want to change provider. The last thing you want as an eCommerce merchant is to have a monopoly of your payment provider. You should choose providers that work with multiple acquirers, can provide tokenization or card on file solutions for users cards and tokens without being limited to a single acquirer. In such cases you can get acquiring offers from multiple acquiring partners and enable competition to lower prices of payment processing.

Please contact us if you consider such projects.

Trends on the Fintech Market

Why to use Verestro?

Verestro architecture and choice of products

Verestro's products for various regions

What are the Advantages of the Verestro Fintech-as-a-Service Platform?

Own Payment License or Dependence on a BAAS provider - how does Verestro solve it?

White-label App vs. In-house App Development

Mobile App Development Languages Used by Verestro

Business Control for new or existing portfolios

What employee benefits can be offered via the Verestro Business Control

Tokenization and Contactless Payments - Verestro's competitive advantages

Cashback - Boost Customer Loyalty and Spending

Understanding White Label Applications: A Beginner's Guide

Payment schemes

Ranking of card issuing companies

Card issuing - financial details

Example of Profit & Loss calculation in card issuing

Regulatory and license impact on card issuing

KYC and KYB requirements in card issuing

PCI DSS & other security requirements

Master balance and collateral in card issuing projects

Pay with Rewards, Pay with Points

Multicurrency cards - 3 implementation options

Customer service and user claims in card issuing

How to prepare for a card issuing project?

How can I reload payment account or card?

Card Lifecycle Management

VISA or Mastercard?

Card Benefits in card issuing projects

Prepaid, debit or credit cards - the main differences

Tips to avoid problems when implementing card issuing

Know Your Customer – in-house or outsourcing

Reverse solicitation – marketing & promotion of card issuing in multiple countries

Interchange Fees and Service Fees - rates and rules

BIN Range or Separate BIN in Card Issuing

Guide to IBAN setup process

IBANs, cards, balances - how to manage all of this?

Payout to Cards

Currency Management in Payouts to Cards

KYC requirements in Payout and Money Transfer projects

Various forms of money transfers

Payouts, eCom Transactions or Card-to-Card Payments?

Issuer Wallet and Apple Pay / Google Pay - Differences

NFC on iPhone/iOS

Pay by Account - NFC from bank account

On-device tokenization in India

Push Provisioning Step by Step

Multi-acquiring in eCommerce Payments

How to increase approval rates in eCommerce?

Tokenization in eCommerce Payments

Paytool as an eCommerce payment aggregator

Tokenization in eCommerce Payments

Payment Scheme Tokenization

Card on File Tokenization

Apple or Google Pay Tokenization

Advantages of Using Tokenization