Network tokenization refers to solutions offered by Visa (Visa Token Service (VTS)) and separately also by Mastercard (Mastercard Digital Enablement Service (MDES)). Tokenization is simply a process that replaces a card’s primary account number (PAN) — the 16-digit number on the plastic card — and other sensitive card details with a unique identifier, or “token” provisioned and managed by the card network.
Sidenote: Network tokens are different from payment gateway/acquirer tokens, which merchants also often use.
- Acquirer level tokenization, which is typically provided by an ecommerce merchant’s payments processor — your standard Adyen, Stripe, Braintree, Cybersource, etc. — also protects the card data from being compromised at the merchant level.
- But network tokens go one level beyond: network tokens provide increased security through the use of cryptograms, such that each token is unique to the specific transactional context (unique to a specific combination of PAN, device/channel, and merchant). So where gateway/acquirer tokens are theoretically decipherable and can be used by sophisticated bad actors to exploit cardholders/merchants, network tokens are specific to domains, making the lives of fraudsters harder.
No comments:
Post a Comment