Tokenization and What's Next

Simple in concept, #payment tokenization is a way to secure credit card and payment data. A?#tokenization system surrogate credit card data—such as the cardholder's name, account number and expiration date—and replaces it with a random string of letters and numbers. This token is ?then used to perform payment transactions as a link to sensitive card data, which resides somewhere else in high-security infrastructure. If the merchant's network or a payment network is hacked, the bad actors only receive strings of data that are unusable for fraud purposes. The digital token protects the underlying account information and can only be unlocked by its #issuer.

Tokenization is increasingly relevant across the payment ecosystem for several reasons. First—#security . Across more than 8,600 issuers and 800,000 merchants using Visa tokens, to take this example, fraud rates decreased by 28% and approval rates increased by 3%. The token service enabled enrolled merchants to increase sales while lowering fraud-related expenses.???

Convenience is another driver of tokenization. Unlike EMV chip cards that provide similar security for in-person transactions, tokenization secures transactions online, in a store, or within a #paymentapp . #applepay , #googlepay and other #digitalwallets use tokenization. At the same time, tokenization simplifies PCI compliance since actual card data no longer resides on the merchant's network. Merchants can use tokenization to more easily protect customer accounts from fraud while delivering a frictionless, card-free experience across all sales channels.

?There are multiple types of tokens:

??Acquirer tokens: Generated by acquirers when processing cardholder transactions on behalf of merchants.

??Issuer tokens: Generated by card issuers for specific use cases, such as Apple Pay, Google Pay and Samsung Pay.

? Payment tokens: A variant of issuer tokens, generated on behalf of at least one card issuer in a token program. Merchant and cardholder transactions request these tokens for specific use cases. For example, device-specific tokens are issued to mobile applications on behalf of a cardholder.

??Network/payment systems tokens: Generated by the Visa, Mastercard, American Express, Discover, JCB and other credit card networks (domestic, regional, or international).

??#Merchanttokens: Created specifically for a merchant by a token provider. These tokens are owned by the merchant and can be incorporated into customer journeys and other business processes, as well as in conjunction with other tokens.?

?Uses for tokenization are evolving rapidly. A number of payments, acquiring, issuing, and technology industry groups are collaborating to clarify and coordinate tokenization applications for seamless global use. The goals remain the same however—greater security without friction and with the possibility of additional, innovative uses for tokens. Stay tuned!?