Paylosophy logo

The wisdom of payments processing

Wednesday
May 31
2023

MENUMENU
  • Home
    • About
  • Payment Gateways
    • Gateways 101
      • Introduction
      • Processing Costs
      • Integration Process
      • Settlement/Capture
      • Standard Features
      • Fraud Protection
      • Reporting Services
      • Chargeback Information
    • Gateways 102
      • Introduction
      • Credit Card Convenience Fees
      • Batch Transaction Processing
      • ACH Transaction Processing
      • Support for Recurring Billing
      • Credit Card BINs and Card Intelligence
      • Credit Card Payment Aggregation
      • Merchant Onboarding and Provisioning
    • Recurring Billing
      • Recurring Billing Software
      • Important Recurring Billing Features
      • Advanced Recurring Billing Features
      • Collections Process
      • Recurring Billing System Organization
      • 4 Cs of Recurring Billing
      • Optimizing Recurring Billing with BIN-files
      • Account Updater Models
      • Usage-based Billing: Beyond Recurring Billing
  • Security & PCI
    • Payment Security
      • Google Authenticator
      • Credit Card Fraud Protection Tools
      • Merchant Fraud Protection Tools
      • 3D Secure Program
      • 3-D Secure and MPI Integrations
      • Phishing Attack Prevention
      • Payment Gateway Monitoring
      • What is 3DS 2.0 & Why Does it Matter to Payment Gateways
    • PA DSS & PCI compliance
      • Payment Concepts: PCI Compliance
      • PCI Compliance Levels
      • Payment Concepts: Payment Card Data Storage
      • Payment Concepts: Credit Card Tokenization
      • Payment Concepts: Cardholder Data Flow
      • PA-DSS Certification
      • Mobile Payment Processing Techniques
      • Mobile and In-app Payment Handling
      • PCI Compliance News
  • Terminals & EMV
    • Payment Terminals
      • Encrypted MSRs and Payment Terminals
      • Implementing Your Own Payment Terminal Solution
      • Integrating Terminal Application into a Payment Ecosystem
      • Terminal Solution Components
      • Payment Terminal Application Features
      • Embedded Payment Terminal Solutions
      • Payment Terminal Management Systems
      • Payment Terminal Fulfillment Process
      • EMV payment terminal cloud demystified
      • POS Terminals from Sunmi: Integration Experience and Recommendations
    • EMV & Contactless
      • EMV Certification in a Nutshell
      • The Benefits of EMV Cards
      • Peculiarities of host EMV integrations
      • EMV, P2PE, or both?
      • EMV Parameters and EMV Keys Rotation
      • The challenges of mobile EMV solutions
      • EMV Fallback Transaction
      • EMV Compliance: How to Become EMV Compliant
      • Credit Card Processing in Restaurant Industry
      • Contactless Payments Demystified
      • EMV Terminal Certification and EMV Toolkit
      • EMV Toolkit: Experience and Recommendations
  • PSP & Facilitators
    • PSP & PayFac 101
      • Becoming a Payment Service Provider
      • 3 Cs for Payment Service Providers
      • Payment Facilitators’ Role in Merchant Services
      • PSPs, Payment Facilitators, and Aggregators
      • Merchant Funding for PSPs
      • Handling Merchant Fees
      • Merchant Services Reserves
      • Sub-merchant Funding
      • The Benefits of Becoming a Payment Facilitator for Franchisors
      • Becoming a Payment Facilitator for a Saas Platform
    • PSP & PayFac 102
      • Processor-specific Platforms for Payment Facilitators: Vantiv
      • On the way to Payment Facilitator Model
      • Virtual Payment Facilitator Model
      • White Label Payment Facilitator Model
      • Before Starting a Payment Facilitation Project
      • Payment Facilitator Paradigm and Beyond: VAR, ISV, Next-generation ISO
      • Gateway Selection for SaaS and PayFac Payment Platforms
      • Best Crypto Payment Gateway Solutions for Platforms
      • How PayFac Model Increases Your Company’s Valuation
  • Payment Advice
    • Strategies
      • Intro: Business Solution Upgrading Challenges
      • Payment System Integration
      • Migrating from One Processor to Another
      • Legacy System Replacement
      • Dealing With Multiple International Payment Platforms
      • Getting out of PCI scope
      • Implementation of EMV Payment Terminal Solution
      • From ISO to Payment Facilitator
      • From Batch to Retail Payment Processing
      • Your Own Payment Gateway: the Key Aspects
      • Payment Monetization for SaaS Companies
      • Healthcare Payment Solutions for Merchants and Platforms
    • Concepts
      • Credit Card Chargebacks
      • ACH Returns
      • Declined Credit Card Transaction Recycling
      • Chargeback Handling Lifecycle
      • Credit Card BIN Files
      • Demystifying Bank Transfers
      • PINless Debit Card Networks
      • Offline Processing: Store-and-forward
      • Payment Card Transaction Decline Codes
      • Merchant Services Commissions Sharing
      • Merchant of Record and Payment Facilitator
      • Cross-border Transaction Processing Fees
      • Embedded Finance for Your Business
    • Opinions
      • 3 Companies, that Need Open Source Payment Gateways
      • Challenges of Startup Merchants
      • Accepting Credit Card Payments in Different Currencies
      • Handling Bank Account Transfers Worldwide
      • The Challenges of Chargeback Disputing and Delivery
      • Credit Card Processing for Startups
      • Payment Gateway Integration for E-commerce Websites
      • Finding an Optimal Acquiring Partner for Your Business
      • Starting a Payment Gateway
      • Enterprise Payment Technology for an Investment Company
      • Global Payment Solutions for Indian Platforms
      • Payment Solutions for African Merchants
  • Technology
    • Solutions
      • Payment Processing Solutions
      • Payment Gateway Solutions
      • Payment Gateway Branding
      • Credit Card Batch Processing Optimization
      • ACH and Credit Card Transaction Descriptors
      • Hosted, Licensed and In-house Payment Gateway Solutions
      • Read and Connection Timeout Handling
      • Challenges of Transaction Data Archiving
      • Point-to-point Encryption
      • Processing of Closed Loop Gift Cards
      • Payment Processing Emulators in Payment Gateways
      • White Label Payment Gateway of Your Own
    • Ecosystems
      • Split Funding and Adaptive Payments
      • Internet-acquiring and Omni-channel Payment Platforms
      • Payment Gateways and High Availability Concept
      • Handling Interac Payments in Canada
      • Online Marketplace Model
      • Split Funding Models
      • Split Funding Challenges
      • On the Way to Collaborative Payment Processing
      • Payment Gateway Cloud
      • Flavors of White-label Payment Gateway
      • White Label Payment Gateway and Why Businesses Implement It
    • Paradigms
      • Credit Card Processing without a Merchant Account
      • Transaction Processing Cost Reduction: Smart Negotiations
      • Smart Processing Cost Reduction Strategies
      • Open Source Payment Gateway: Fees and Savings
      • Your Own Payment Gateway Similar to Stripe or Square
      • Time for Transaction Processing Cost Reduction
      • Credit Card Processing Cost and Quality
      • Credit Card Processing Risks: Geographical Aspect
      • The Right Crypto Payment Gateway Solution for Your Business
      • Cryptocurrency Payment Gateway: The Time has Come
      • Crypto Payment Functionality and Optimal Blockchain Selection
      • SoftPOS Solutions
  • FAQ
    • Fundamentals
      • What is credit card tokenization?
      • What is a credit card chargeback?
      • What is payment gateway software?
      • What is a recurring billing?
      • What is an ACH payment gateway?
      • What is a credit card BIN?
      • What is a payment service provider?
      • What is a credit card descriptor?
      • What is payment aggregation?
      • Why You Need Acquiring Bank Partnerships
      • Acquirer, Processor, Gateway: who is who?
      • ISO versus Payment Facilitator: Who Survives?
    • How payments work
      • How to decrease transaction decline rate in recurring billing?
      • Handling of Convenience Fees
      • What Payment Gateways do Companies Like Airbnb and Uber Use?
      • HSM, Tokenization Appliance, or Both?
      • Is it Time to Switch to a New Payment Gateway Solution?
      • How to Streamline Merchant Onboarding and Provisioning
      • How to Save on Merchant Services Fees
      • Saving on Merchant Services Fees (Part 2)
      • How a SaaS Platform Can Profit from Credit Card Processing
      • Why Payment Platforms Should Support Cryptocurrencies
      • How SaaS Platforms Can Save on Payment Monetization
      • How to Implement a SoftPOS Solution
close loop
Glossary Ask Question About

Why would I need credit card tokenization and how can it be implemented?

1.02K viewsMay 17, 2023
[email protected] April 11, 2017 0 Comments

1 Answer

  • Active
  • Newest
  • Oldest
James Davis Posted April 14, 2017 0 Comments

Credit card tokenization is an approach used by businesses, which process credit card payments, to reduce their PCI scope. In order to ensure cardholder data protection, PCI requires credit card numbers to be handled in a special way. Basically, the more contact with actual credit card numbers your payment system has, the higher your PCI scope is, and, consequently, you have undergo the more extensive annual PCI audit. Credit card tokenization service allows merchants to reduce their PCI scope by replacing real credit card numbers with tokens, which are generated using special hashing (and other) algorithms. The actual card numbers card numbers are stored by tokenization service provider, and not by the merchant, so if the merchant’s the system is ever compromised, the card numbers cannot be stolen. The term “credit card tokenization” is more accurate than “payment tokenization”, because it is card number that is actually replaced by a token.

From conceptual viewpoint, there are two approaches to credit card tokenization. They can be called pure tokenization and customer profiling. Under the first credit card tokenization approach only the customer’s credit card number is tokenized when a transaction is processed. Under the second approach the whole profile of a customer is maintained and when a transaction is processed, all the data (card expiration date, billing address) which is necessary for the transaction to come through, is “pulled” from that profile.
From hardware viewpoint, there are also two approaches to credit card tokenization implementation. They are: tokenization through appliance and tokenization as service. Under the first approach the company needs a special PCI-compliant hardware device, to perform tokenization. Under the second approach credit card tokenization service is delegated to the payment gateway, credit card processor, or some third party. The second approach (credit card tokenization as service) can actually get the merchant out of PCI scope, although it requires more integration-related efforts.

More information on credit card tokenization and its implementation can be found in the respective article on our blog, in the section on PCI compliance.

Register or Login

Subscribe to our Newsletter

Receive Regular Updates on Payment Industry

Topics

  • Payment Gateways
  • Security & PCI
  • Terminals & EMV
  • PSP & Facilitators
  • Payment Advice
  • Technology
  • Glossary
  • Ask Question

Recent Posts

  • ACH Return Codes and Best Ways to Handle Them
  • Recurring Revenue Business Model
  • Web Tokens as an Important Embedded Payments Feature
  • Web Hooks as an Embedded Payments Feature
  • Payment Gateway Comparison Revisited
  • How SaaS Platforms Can Save on Payment Monetization
  • Payment Monetization for SaaS Companies
  • How to Implement a SoftPOS Solution
  • Crypto Payment Functionality and Optimal Blockchain Selection
  • SoftPOS Solutions


Copyright© 2023, United Thinkers

Privacy Policy

  • Payment Gateways
    • Gateways 101
    • Gateways 102
    • Recurring Billing
  • Security & PCI
    • PA DSS & PCI compliance
    • Payment Security
  • Terminals & EMV
    • EMV & Contactless
    • Payment Terminals
  • PSP & Facilitators
    • PSP & PayFac 101
    • PSP & PayFac 102
  • Payment Advice
    • Concepts
    • Opinions
    • Strategies
  • Technology
    • Ecosystems
    • Paradigms
    • Solutions
  • FAQ
    • Fundamentals
    • How payments work