Tokenization has become a cornerstone of modern eCommerce, offering a robust solution to enhance security, streamline transactions, and reduce costs. As businesses increasingly rely on online payments, understanding the intricacies of tokenization is essential. Our customers often inquire about the various applications and benefits of tokenization in eCommerce. Let's delve into this topic and explore how tokenization can revolutionize your online payment processes.
Table of Contents:
Payment Scheme Tokenization
Â
I think the term tokenization is most commonly used today in the context of VISA or Mastercard card tokenization. Both payment schemes have implemented tokenization systems (MDES and VTS), which were first used for mobile phones, but today are also used for eCommerce transactions. In such situations, tokenization means that a regular Mastercard or VISA payment card is associated with a token, which is a kind of virtual card number, and once this association is made, the user uses the token to initiate payment transactions from those cards. An example of such a use case could be Netflix which allows its users to add cards to the service and in many regions they map cards to tokens and for all transactions a token is used instead of a regular card. In the event of a security breach, a thief will steal the token numbers, not the card numbers.
Card on File TokenizationÂ
Â
Very often the term tokenization is used in the context of regular Card on File projects. Card on File is a solution that allows merchants or acquirers to enable card payments without constantly asking the user to enter the card number. A card is kept "on file", meaning that it is stored in the merchant's, acquirer's or processor's system and can be used any time the user confirms a transaction. In such a context, tokenization can be enabled without VISA or Mastercard, and the tokens are owned by the processor or acquirer and shared with the merchant. In the event of a security breach at the merchant, real card numbers are not exposed because they are securely held by a PCI DSS-compliant processor.
Apple Pay or Google Pay Tokenization
Sometimes tokenization is used in e-commerce in the context of Apple Pay and Google Pay transactions. In these projects, the system works very similarly to the standard payment scheme tokenization described above, but iOS and Android devices are used to authenticate the user and the transaction. Apple and Google enable different endpoints that merchants or acquirers can connect to and enable tokenization. Transactions are processed similarly to regular Mastercard or VISA transactions.
Benefits of Using Payment Tokenization in eCommerce
Typically, the main benefits of using tokenization are related to security and minimizing the PCI DSS requirements that merchants must meet. PCI DSS (Payment Card Industry Data Security Standards) requires any entity that holds and processes card data to take a number of steps to ensure that cards are processed securely. Often, tokenization brings additional benefits such as cost optimization and improved user experience.
However, if you are thinking of such a project, you should seriously consider all the potential long-term implications. If you do a project directly with your acquiring institution, you may be seriously affected if you decide to switch providers. The last thing you want as an eCommerce merchant is to have a monopoly on your payment provider. You should look for providers that work with multiple acquirers, can provide tokenization or card-on-file solutions for user cards and tokens, and are not tied to a single acquirer. In such cases, you can get acquiring bids from multiple acquiring partners and allow competition to drive down the price of payment processing.Â
Please contact Verestro if you are considering such projects.
Comments