What is Payment Tokenization?

Credit card tokenization is the process of replacing sensitive card data with a unique identifier (a token) that retains all of the essential information without compromising its security. The token cannot be mathematically reversed and is stored in First Atlantic Commerce’s payment gateway infrastructure.

The tokens support all payment models including authorization, capture and settlement, recurring and subscription billing and partial captures.

By employing FAC’s tokenization solution, merchants can move their customer’s credit card information out of their own environment. Credit card tokenization of data not only mitigates the potential impact of a security breach, but reduces the costs and scope of PCI.

PCI DSS Tokenization

FAC’s tokenization service is a Payment Card Industry Data Security Standard (PCI DSS) compliant solution that allows merchants to store their customer’s card details on our platform.

Our credit card tokenization solution removes consumer card data from a merchant’s payment environment, thereby minimizing the risks associated with handling and storing that data.

In PCI DSS, tokenization replaces the sensitive PAN (Permanent Account Number) with non-sensitive tokens. Under the credit card tokenization model, encrypted payment data is stored only in a central data vault and tokens replace the credit card values.

When a credit card is used for purchase, the number is transmitted to the tokenization system/server.  A token using that data is generated and returned to the calling application and takes the place of the credit card number. This token can be passed around the network between applications and other business processes safely, while leaving the encrypted data it represents securely stored in a central data vault. The token therefore poses no threat to the security of cardholder data if stolen by a fraudster.

By reducing the scope of PCI DSS, merchants can lower the cost and hassle of PCI DSS compliance while ensuring best practice of cardholder information.

Credit Card Tokenization

What is Tokenization?

Credit card tokenization is the process by which a customer’s sensitive credit card information is replaced by a surrogate value called a “token”.

How does it work?

When FAC receives cardholder data from a merchant, we transmit it to the credit card networks for authorization. Once authorized, we generate a unique token, which is assigned to that customer’s card data and returned to the merchant.

To initiate future charges or refunds, the merchant submits the token in lieu of the actual card number. This allows a merchant’s returning customers to complete a transaction by entering minimal payment details.

De-tokenization is the reverse process of redeeming a token for its associated PAN value.

Step 1 – Cardholder Registration – Creates the token for use in future transactions with the merchant

Credit Card Tokenization: Step 1 – Cardholder Registration

Step 2 – De-tokenization/Transaction process – Merchant uses the token for transactions

Credit Card Tokenization: Step 2 – De-tokenization/Transaction Process

Key Features of Tokenization

  • Reduced PCI scope
  • Lower costs of PCI DSS compliance
  • Secure Card Data
  • Streamlined transaction processing
  • Simplified repeat purchases
  • Increased customer conversion

Useful Resources

To find out more please contact us. Or simply apply online.