際際滷

際際滷Share a Scribd company logo

What is Payment Tokenization?

R
Rambus Inc

What is Payment Tokenization? Tokenization enables banks, acquirers and merchants to offer more secure (mobile) payment services. It is the process of replacing card data with alternate values. The original personal account number (PAN) is disconnected and replaced with a unique identifier called a payment token. The mapping between the real PAN and the payment tokens is safely stored in the token vault. With tokenization the original PAN information is removed from environments where data can be vulnerable. Why tokenization? Tokenization heavily reduces payment fraud by removing confidential consumer credit card data from the network. The original data stays in the banks control. External systems have no access to this. Tokens are not based on cryptography and can therefore not be traced back to the original value. How does tokenization work? Step 1: A payment token is generated from the PAN for one time use within a specific domain such as a merchants website or channel. Tokens are sent to the token vault and stored in a PCI-compliant environment which does not allow merchants to store credit card numbers. Step 2: Tokens are loaded on the mobile device. Step 3: The NFC device makes a payment at a merchants NFC point-of-sales (POS) terminal. Step 4: The POS terminal sends the token to the acquiring bank, which sends it to the issuing bank through the payment network. Step 5: The issuer de-tokenizes the token to the real PAN and, if in order, approves the payment. Step 6: After authorization from the card issuer, the token is returned to the merchants POS terminal. Payment tokens perform like the original PAN for returns, sales reports, marketing analysis, recurring payments etc. 20. How can I issue tokens? In order to use tokenization, a bank or merchant should become a token service provider (TSP). A TSP manages the entire lifecycle of payment credentials including: 1. Tokenization: replaces the PAN with a payment token. 2. De-Tokenization: converts the token back to the PAN using the token vault. 3. Token vault: establishes and maintains the payment token to PAN mapping. 4. Domain management: improves protection by defining payment tokens for specific use. 5. Clearing and settlement: ad-hoc de-tokenization during clearing and settlement process. 6. Identification and verification: ensures the original PAN is legitimately used by the token requestor. Thinking of issuing payment tokens to e.g. secure mobile payments or secure your online sales channel? Bell ID can help: www.bellid.com info@bellid.com Martin Cox Global Head of Sales

1 of 30
Downloaded 881 times
WHAT IS PAYMENT TOKENIZATION?
Tokenization enables banks, acquirers and merchants to offer more secure (mobile) payment services.
It is the process of replacing card numbers with alternate values.
The original personal account number (PAN) is disconnected and replaced with a unique identifier called a payment token.
The mapping between the real PAN and the payment tokens is safely stored in the token vault.
With tokenization the original PAN information is removed from environments where data can be vulnerable.
Why tokenization?
1. Tokenization heavily reduces the risk of payment fraud by removing confidential consumer credit card data from the payment network.
2. The original card numbers stay in control of the bank. External systems do not have access to this information.
3. Tokens are random numbers and arenotbasedoncryptography,hence they cannot be traced back to the original value.
How does tokenization work?
A token is generated from the PAN for one time use within a specific domain such as a merchants website or channel. Step 1:
Tokens are sent to the token vault and stored in a PCI-compliant environment.
Tokens are loaded on the mobile device as part of the virtual card profile. Step 2:
The NFC device makes a payment at a merchants contactless point-of-sale (POS) terminal using the token as the card number. Step 3:
The POS teminal sends the token to the acquiring bank, which sends it to the issuing bank through the payment network. Step 4:
The issuer de-tokenizes the token to the real PAN and, if matched, approves the payment. Step 5:
Response from the card issuer is returned to the POS terminal using the token as the card reference. Step 6:
Payment tokens act like the original PAN for returns, sales reports, marketing analysis and recurring payments.
How can I use tokens?
In order to use tokenization, a bank or merchant should become a token service provider (TSP).
A TSP manages the entire lifecycle of payment credentials including:
1. Tokenization: Replaces the PAN with a payment token.
2. De-Tokenization: Converts the token back to the PAN using the token vault.
3. Token vault: Establishes and maintains the payment token to PAN mapping.
4. Domain management: Improves protection by defining payment tokens for specific use.
5. Identification and verification: Ensures the original PAN is legitimately used by the token requestor.
6. Clearing and settlement: Ad-hoc de-tokenization during clearing and settlement process.
Thinking of issuing payment tokens to secure mobile payments or secure your online sales channel? Bell ID can help: www.bellid.com info@bellid.com
With over 20 years of expertise, Bell ID is considered the worlds leading provider of lifecycle management solutions for tokens (e.g. smart cards, mobile NFC phones) deployed in single and multi-application programmes. www.bellid.com Martin Cox Global Head of Sales m.cox@bellid.com

More Related Content

What is Payment Tokenization?

  • 1. WHAT IS PAYMENT TOKENIZATION?
  • 2. Tokenization enables banks, acquirers and merchants to offer more secure (mobile) payment services.
  • 3. It is the process of replacing card numbers with alternate values.
  • 4. The original personal account number (PAN) is disconnected and replaced with a unique identifier called a payment token.
  • 5. The mapping between the real PAN and the payment tokens is safely stored in the token vault.
  • 6. With tokenization the original PAN information is removed from environments where data can be vulnerable.
  • 8. 1. Tokenization heavily reduces the risk of payment fraud by removing confidential consumer credit card data from the payment network.
  • 9. 2. The original card numbers stay in control of the bank. External systems do not have access to this information.
  • 10. 3. Tokens are random numbers and arenotbasedoncryptography,hence they cannot be traced back to the original value.
  • 12. A token is generated from the PAN for one time use within a specific domain such as a merchants website or channel. Step 1:
  • 13. Tokens are sent to the token vault and stored in a PCI-compliant environment.
  • 14. Tokens are loaded on the mobile device as part of the virtual card profile. Step 2:
  • 15. The NFC device makes a payment at a merchants contactless point-of-sale (POS) terminal using the token as the card number. Step 3:
  • 16. The POS teminal sends the token to the acquiring bank, which sends it to the issuing bank through the payment network. Step 4:
  • 17. The issuer de-tokenizes the token to the real PAN and, if matched, approves the payment. Step 5:
  • 18. Response from the card issuer is returned to the POS terminal using the token as the card reference. Step 6:
  • 19. Payment tokens act like the original PAN for returns, sales reports, marketing analysis and recurring payments.
  • 20. How can I use tokens?
  • 21. In order to use tokenization, a bank or merchant should become a token service provider (TSP).
  • 22. A TSP manages the entire lifecycle of payment credentials including:
  • 23. 1. Tokenization: Replaces the PAN with a payment token.
  • 24. 2. De-Tokenization: Converts the token back to the PAN using the token vault.
  • 25. 3. Token vault: Establishes and maintains the payment token to PAN mapping.
  • 26. 4. Domain management: Improves protection by defining payment tokens for specific use.
  • 27. 5. Identification and verification: Ensures the original PAN is legitimately used by the token requestor.
  • 28. 6. Clearing and settlement: Ad-hoc de-tokenization during clearing and settlement process.
  • 29. Thinking of issuing payment tokens to secure mobile payments or secure your online sales channel? Bell ID can help: www.bellid.com info@bellid.com
  • 30. With over 20 years of expertise, Bell ID is considered the worlds leading provider of lifecycle management solutions for tokens (e.g. smart cards, mobile NFC phones) deployed in single and multi-application programmes. www.bellid.com Martin Cox Global Head of Sales m.cox@bellid.com