Payments 101: What are network tokens?
Sep 10, 2023
Security is a top priority for e-commerce merchants, and new technologies are constantly being developed to combat fraud and ensure payment security. Network tokens, introduced by Visa, Mastercard, and AMEX, are one such development. With this technology being introduced in the European market in 2021, it is crucial to understand what network tokens are and how they function. While solving security challenges, network tokens also help businesses create seamless payments experiences that are making a material difference to conversion and revenue.
What is tokenization?
Before we dive into network tokens, we should explain the concept of tokenization. Tokenization is the process of replacing sensitive data, such as credit card details, with a unique string of numbers, known as a payment token. This technique is commonly used in the payments industry to secure cardholders' primary account numbers (PANs) and reduce the risk of fraud. These PANs are the 15- or 16 digits present on a credit or debit card. The concept of using a token to safeguard something of value is nothing new: think of chips in a casino or tokens in an arcade - payment tokens follow the same principle.
The tokenized payment flow involves generating and securely storing the payment token and using it for subsequent transactions. Payment Service Providers generate their own tokens and accept tokenized payments for online and contactless transactions. Tokenization allows for one click payments, helps merchants comply with PCI DSS requirements - as they do not need to store the card data - and reduces the risk of data breaches while offering a more secure and seamless checkout experience for customers.
What are network tokens?
Network tokens move the tokenization from the Payment Provider to the card schemes. When a customer makes a purchase for the first time with a Merchant, their card details are sent to Scheme Token Service through the payment page hosted by the Payment Provider. When the issuer approves the transaction, the Scheme Token Service replaces the card data with a unique token. This generated token can be used for repeated purchases with the Merchant, eliminating the need for the customer to re-enter their card number. In the picture below you can see how repeated transactions can be initiated with the use of network tokens (the blue arrows).
Token Service Providers are entities that enable merchants to generate and use network tokens. Token service providers register a Token Requestor ID identifying each merchant. The Token Requestor ID serves as a way to limit the usage of tokens to the domain of the Merchant, which provides an advantage over tokenization done by PSPs in terms of security. When a customer makes a repeated purchase, the Token Service Provider sends the network token tied to that customer to process the payment, as described above. Transactions initiated by customers require the use of a cryptogram in addition to the network token. Cryptograms are a secure element created uniquely per-transaction with the role to reduce fraud. Token service providers play a critical role in the scheme token ecosystem, as they ensure that merchants can accept tokens from a variety of issuers and payment networks.
How do network tokens work?
Network tokens are used in a variety of payment scenarios, including in-store, online, and in-app transactions. In each case, the customer's actual card data is replaced by a unique token generated by the Scheme’s Token Service Provider - a product from the schemes. In the picture above you can see the payment flow for a n initial transaction that generates a network token.
There are two use cases to highlight here: repeated customer initiated transactions and a merchant initiated recurring transactions.
Repeated customer initiated transactions:
When the customer makes a purchase, the merchant requests the Token Service provider to obtain a new cryptogram from the Scheme Token Service by providing a network token. The PSP forwards the token to the payment network for processing. The payment network then sends an authorization request where the network token and cryptogram are included alongside the transaction details for authorization. The issuer verifies the token and either approves or declines the transaction. For subsequent transactions the customer does not have to fill in their credit card details. The PSP on behalf of the merchant carries out the process of obtaining new cryptograms in order to initiate transactions.
With recurring transactions, only the initial transaction makes use of the cryptogram together with the network token. After the initial authorization by the issuer there is no need for receiving additional cryptograms for subsequent recurring or unscheduled transactions initiated by the merchant. The recurring transactions are verified based on the initial transaction data and network token of the customer.
Why e-commerce merchants should care about network tokens
Now that we’ve covered how network tokens work, let’s take a closer look at why e-commerce merchants should take an interest in them. By keeping sensitive payment information out of the merchant's hands and replacing it with a token, network tokens eliminate the need for merchants to store and protect this data.
The main benefits of network tokens for merchants can be summarized as:
Schemes offer a discount on interchange when network tokens are being used by the merchant. Additionally, by using network tokens, businesses can lift authorization rates by 3% for legitimate repeat customers, reduce fraud by 28%, and optimize revenue with automated updates for the latest account information. Network tokens also provide a smooth path for ongoing authorizations, avoiding lost revenue from expired cards.
Avoiding Vendor Lock-in
Traditional payment service provider (PSP) tokenization can lead to a scenario where a merchant becomes locked in to a specific vendor, as they are not the rightful owner of the generated tokens. However, if a merchant owns the network tokens, they gain the freedom to direct payments to various payment providers, thereby avoiding vendor lock-in.
Network tokens provide enhanced security for both customers and merchants by replacing sensitive card data with non-sensitive tokens. This reduces the risk of fraud and data breaches, as tokens cannot be used for fraudulent activities even if they end up in the wrong hands.
Better Customer Experience
With network tokens, customers can enjoy a seamless checkout experience, as they no longer need to enter their card details each time they make a purchase. Tokens can be stored securely and used for future transactions, making the checkout process faster and more convenient.
Safeguard your Business
By keeping customer data encrypted and secured, merchants can comply with the Payment Card Industry Data Security Standard (PCI DSS), which requires them to protect sensitive cardholder data. network tokens help merchants to achieve compliance while reducing the complexity and costs associated with achieving and maintaining compliance.
Compliance Cost Savings
Network tokens help businesses reduce their PCI DSS compliance scope and costs while providing better customer insights. It allows for a complete view of customers and their buying behaviors, making it easier to provide personalized experiences.
In conclusion, network tokens offer several benefits over traditional tokenization by payment service providers. One of the most significant advantages is that they enable lower costs and higher authorization rates. Additionally, network tokens offer better cardholder authentication, making them a more secure and efficient payment processing option. Finally, network tokens, when owned by the merchant, avoid the risk of being locked in by your Payment Service Provider and offer the opportunity to route your payments however you want.
Therefore, if you're an e-commerce merchant looking for a more secure, efficient, and compliant payment processing option, network tokens are a must-have if you care about conversion and revenue optimization. Contact your payment service provider today to learn more about this technology, and whether you own your network tokens and can use them for other parties you route payments through.