What are Token Payments?
It’s a question that we’ve been getting asked quite frequently by new merchants or those that are curious about the product. It is a very simple concept and exists for the sole purpose of removing the requirement of storing any credit card data on the merchant’s servers. Most merchants are aware of the PCI DSS which states that:
“PCI DSS requirements are applicable if a Primary Account Number (PAN) is stored, processed, or transmitted. If PAN is not stored, processed, or transmitted, PCI DSS requirements do not apply.”
The idea behind the Token Payments application is that a merchant submits a credit card number to the Merchant Warrior Payment Gateway for storage. We work with our merchants to ensure that the transmission of this data is secure and then encrypt the credit card information and store it. A Token/ID is assigned to the specific credit card number and this Token/ID is transmitted securely to the merchant for future processing.
In short – merchants substitute all credit card data storage for Token/IDs. This means that a merchant’s database will contain a Token/ID for each credit card that they plan on billing in the future. For all future transactions for a specific credit card, the merchant will simply send a Token/ID to the Merchant Warrior Payment Gateway and we will handle the processing of the payment.
Some of you may be wondering why or when storage of credit card information would be necessary, so let’s discuss that.
Why Token Payments?
Any business that operates with a recurring billing model will know that storage of credit card information is extremely important. In order to bill a customer more than once (automatically) you will need to know their credit card details. Quite a few businesses will utilize the Recurring Payments features that come bundled with their Payment Gateway, however, this is only useful for merchants that plan on billing customers a static amount over a period of time. What happens if you’re billing amount changes frequently? What happens if YOU want to control when your billing takes place? These are situations where Token Payments come in handy. One of the reasons why so many merchants choose to implement Token Payments into their applications is due to the ability to to remain PCI DSS Compliant, whilst not having to worry about storing any customer credit card information, and still having access to your customer’s details when the time comes to bill them.
This is not the only reason why merchants look into Token Payments. Customer loyalty is another very important aspect of business that can be increased by implementing Token Payments into an application. How many of you hate having to enter in your credit card number every time you wish to purchase an item? If you sign up with a particular store and they already have your credit card number on file are you not more inclined to use them again for future purchases?
Apple is a perfect example of how Token Payments can be used to increase customer loyalty. After your first purchase with Apple your credit card is stored against your account and all future purchases only require you to enter your CSC (Card Security Code). By implementing Token Payments into your applications you are able to take advantage of this feature.
Token Payments may not be a requirement for every online business, but they should be considered by merchants that require a way to control their own recurring billing and/or need to store credit card information securely, whilst still remaining PCI DSS Compliant.