Online payments

Scheme Tokenization

Last updated: 13-Mar-2024
Download as PDF

Overview

Network tokens are unique digital identifiers used to supply a tokenized value instead of the primary account number (PAN) in all parts of the payment chain. These tokens replace sensitive card data, like the account number and other details used for payment, without exposing the actual account information.

Network tokens are generated automatically and in real-time by the card schemes as customers use their cards.

A network token will never expire the same way as a payment card. When you replace cards with network tokens you will enjoy the benefit of having tokens that will always be kept valid by the payment scheme and card issuer. If the card issuer sends a completely new card to the cardholder, then the cardholder will receive the new card but does not need to do anything with any of his subscription services at merchants that utilize network tokens behind the scenes. Active tokens are kept up to date automatically if the cardholder’s bank account is active. Cardholders will in this way avoid updating services with the new card, and you will not need to delay payments, cause inconvenience to customers or lose them.

EMV's Payment Account Reference (PAR) is a non-financial reference that links each Token PAN to the Cardholder Account.

Availability

The Scheme Tokenization functionality (Network token & Payment Account Reference - PAR) can be retrieved under the token scope. This means that it can be set by Organisations with the same type of Merchant Company as for the token scope. The setup for scheme tokenization in Verifone Central will be available when a token scope is created or updated.

Scheme Tokenization

You will receive the network tokens and PAR only if the Token Requestor ID is provided by you. If the Token Requestor ID is provided by Verifone, then you cannot receive the network tokens and PAR. 

   Note: At the moment, we do not support the usage of the Token Requestor ID provided by the merchant. The current implementation supports only the usage of the Verifone Token Requestor ID.
   Check the Supported acquirers page for more information on Scheme tokenization availability.

Whenever the merchant requests for scheme tokenization to be enabled, the "Allow Network Tokenization" checkbox from the Payment Provider Contract page in Verifone Central has to be ticked. This checkbox will be shown whenever the network tokenization is supported by the acquirer/processor.

Benefits

Because network tokenization removes the need for sensitive cardholder data to enter the payments ecosystem, it significantly reduces the risk of payment card fraud and data theft. As a result, it helps decrease declines, chargebacks, and interchange fees.

Network tokens help reduce risk and improve the customer experience throughout the payments process. Further, transactions that use network tokens can potentially qualify for higher authorization rates and higher checkout conversion.

While the network token is mostly useful for payment purposes, the Payment Account Reference (PAR) is useful for analytics purposes. The PAR enables you to have a unified view of customers as the PAR value allows you to link all the purchases of a customer to one.

Workflow

To enable the Scheme Tokenization functionality is needed to have the corresponding setup in Verifone Central under the token scope.

In terms of API endpoints, there are two endpoints that will be updated so that the scheme tokenization information to be added:

  • Update token details endpoint

In the “Update token details” call we have added an optional parameter scheme_token_action through which you can request to activate, suspend or delete the scheme tokenization 

Update Token Details 1

For the VISA cards, the merchant will have to pass in the request for the cardholder's email address as well so that the network tokens are generated. This is a mandatory field only for VISA cards. 

In the “Update token details” response we have added the scheme token details:

Update Token Details 2

You will receive these scheme details only if you provide the Token Requestor ID. If the Token Requestor ID is provided by Verifone, then you cannot receive the network tokens and PAR and only the Verifone tokens and the scheme_token_status are returned.

  • Get Token details endpoint

Get Token Details Endpoint

We have added these scheme token details in the “Get token details” response as well.

Same as with the “Update token details”, you will receive these scheme details only if the Token Requestor ID is provided by you. If the Token Requestor ID is provided by Verifone, then you cannot receive the network tokens and PAR and only the Verifone tokens and the scheme_token_status are returned.

For the payment flow, whenever the scheme tokenization functionality is enabled, the network token is used for transaction processing instead of the PAN/DPAN. More exactly, Verifone sends to the acquirer the network token through the “PAN” field, the 3D Secure cryptogram, and the network token cryptogram.  If the scheme tokenization is not supported, then the payment is done via PAN/DPAN.

Network Tokens Payment Flow

Rate this article:
Download as PDF

Need help?

Do you have a question? If you didn’t find the answer you are looking for in our documentation, you can contact our Support teams for more information. If you have a technical issue or question, please contact us. We are happy to help.

Get in touch

Not yet a Verifone customer?

We’ll help you choose the right payment solution for your business, wherever you want to sell, in-person or online. Our team of experts will happily discuss your needs.

Contact sales Get Started
Verifone logo