What is credit card tokenization ?

·

2 min read

Cover Image for What is credit card tokenization ?

Credit card tokenization is a security mechanism using which a credit card number is transformed into a different number and that number is passed around to merchants and payments processors.

Credit cards are a great way to make payments because they are really simple. A merchant only needs a 16-19 digit number, 3 digit cvv and expiry info to charge a customer. Nothing beats this convenience.

However, this also means that the numbers can be stolen just as easily. Once a credit card number is stolen it takes the bank around $12-$400 to issue a new credit card, revert old fraudulent payments if any.

Tokenization is a process where a merchant gets a real credit card number from the customer but instead of using it directly, it obtains a “token” from the card network which represents the same credit card but is a totally different number. This can then be stored by merchant.

If this number get stolen, it is not a big deal as this number can not work anywhere except with the merchant.

There are multiple types of tokens:

  1. Cloud tokens : A tokenized credit card which is typically generated from an existing card number without even telling the customer. This sort of tokens are totally opaque to user.

  2. Device tokens : Device token is a tokenized credit card that is stored on your device like Apple Pay or Google Wallet. These are typically one time use tokens that you end up using when you tap to pay. To generate these tokens, the user needs to be in session.

  3. Virtual card tokens: This is when the customer themselves generates a new card number and then uses it to make payments.

We expect tokens to become more and more popular going forward and important part of fintech ecosystem.

Tokenization improves user security and helps prevent fraud and helps customers make their purchases without worrying about bad actors stealing their credit card info.