Article
Optimise card payments with network tokenisation
The Primary Account Numbers (PANs) embossed on cards are from a different time. Discover how network tokenisation takes card payments into the online economy.
In the 1950s, shopping happened in person, in cash, every time. The credit card was invented so people could pay without carrying a wad of cash. As paying in plastic gained ground, card schemes needed a way to connect cards to the people using them at scale.
Thus, the PAN was invented. From the mid-1960s, the slightly raised embossed numbers on payment cards became the perfect way to keep track of card payments.
Technology has come a long way since then. We now drive electric cars, have flat-screen TVs in almost every household, and conduct a large part of our lives online. Yet the PAN remained the main identifier for online and in-person card payments, leading to a rampant trade of credit card information and fraud.
Luckily, there’s a way to protect customers from online payments fraud. Network tokens are used by digital wallets like Apple Pay and Google Pay, and by major card schemes to create effortless and secure online payments experiences.
Read on to learn about network tokens and why they help you protect your customers and your business.
What is network tokenisation?
Network tokenisation is an automated process that replaces a 16-digit PAN with a non-sensitive reference called a network token. These network tokens are used to authorise online and recurring payments.
When a customer chooses to save their card details, that business can request a network token for that card and use the token for future payments. Since network tokens don’t expire, the token will remain valid even if the issuer replaces a card. This results in higher authorisation rates.
Network tokens are created by card networks like Mastercard, Visa, American Express, and Discover.
How does network tokenisation work?
A network token can be requested by a merchant, payment gateway, or payment processor. The requestor sends a PAN to the card scheme, which forwards the request to the issuer. The issuer approves the request, and the network issues the token.
Tokens are domain-locked, meaning the same token can only be used by the party that requested it. This means that stolen tokens will only get scammers so far, since a token cannot be used by a party other than its requestor.
To add an extra layer of security to network tokens, card schemes issue a cryptogram each time a customer uses their saved card details to initiate a purchase. These cryptograms are effectively one-time-passwords that are contextual to the business, token, and purchase. They need to be used together with the token for that specific payment and are valid until they’re used or expire.
What are the benefits of network tokenisation?
Network tokenisation has many benefits for schemes, digital businesses, payment processors, and consumers alike. They are specifically designed to improve the security and experience of online and recurring payments.
Higher authorisation rates
A PAN might expire and be replaced when a new card is issued. Any online or recurrent payment done with the expired PAN will be declined. Customers often don’t have overview on all their online purchases and subscriptions, making it near-impossible to update their payment information everywhere.
Network tokens don’t expire, even if the PAN is updated. As long as the token is used, the payment will be authorised, leading to higher authorisation rates. We’ve seen an average uplift of 3% in authorisation rates for businesses on our platform who use network tokenisation.
This is especially valuable for businesses with an online subscription model, like streaming services. Adopting network tokenisation will reduce transaction failures, retries, and customer service costs.
Increased security
Network tokenisation improves security by design. Because tokens and cryptograms are bound to their requestor, stolen tokens are useless to fraudsters. On top of that, customer-initiated payments require a one-time use cryptogram. And since the actual PAN is stored securely by the payment partner or scheme, it becomes more difficult to steal the payment information.
Ensure PCI compliance
Businesses that store PANs need to comply with the Payment Card Industry Data Security Standard (PCI DSS). Since network tokenisation replaces the sensitive PAN with a non-sensitive token, tokens are out of the PCI scope. Even businesses that are PCI compliant can reduce their PCI scope by replacing some of their PANs with network tokens.
Save on processing fees
Some schemes, like Visa, might charge a fee for the management of issued tokens. They still charge lower fees for processing tokens than for processing PANs. By adopting network tokenisation at scale, you’ll save on every transaction.
Experience more benefits of network tokenisation with Adyen
We’re seeing a fast adoption of the technology with 2 billion active network tokens on the Adyen platform to date. As card networks and issuers are updating systems to start using network tokens, the technology is constantly evolving.
To help businesses adopt network tokenisation with minimal hiccups, businesses can leverage our Network Token Optimisation as part of our single platform solution. With Network Token Optimisation, our platform dynamically decides whether to use a token or a PAN depending on the issuers' authorisation preference at that time. The decision is based on machine learning that’s trained with data from the world’s largest ecommerce and online businesses and constant testing.
The best part? Your business can start using network tokens and Network Tokenisation Optimisation with the same integration you use for payments.