Tokenization and saved payment methods overview
Use tokenization to store and reuse payment methods securely
Tokenization is the process of exchanging sensitive data for nonsensitive data called tokens that are used in a database or internal system without bringing customer card data into your PCI scope. Using tokenization, organizations and paypoints can continue to use this data for business purposes without incurring the risk or compliance scope of storing sensitive data internally.
When you process a payment using the token stored in Payabli’s systems, only the original credit card tokenization system can swap the token with the corresponding primary account number (PAN) and send it to the payment processor for authorization. Your systems never record, transmit, or store the PAN; they only use the token.
Although they both include the term token, the tokens created when you tokenize a payment method are different than the API tokens that you use to authenticate in Payabli.
Types
Some tokenization types are available only in certain accounts. Contact the Payabli team if you have questions.
During the integration process, the Payabli team helps you select the appropriate tokenization type for your needs.
Payabli has three different tokenization types for saved payment methods:
- Merchant Token
- Universal Token
- Network Token
Note that tokenization types for payment methods, like those described on this page, have nothing to do with API tokens used for authentication with Payabli. For help with API tokens, see Authentication and API Tokens.
Merchant tokens
Merchant tokenization creates a token that’s limited to use with a single merchant. This means you can use the tokenized method to make payments only with the merchant that created it. This is the default form of tokenization for most cases.
Example: A paypoint saves a customer’s card data. The paypoint isn’t configured for universal or network token types. You can use the storedMethodId only at this paypoint.
Universal tokens
Universal tokenization creates tokens that can be used across your portfolio with the same processor. This means you can use the tokenized method to make payments with your organization’s different merchants connected to the same processor with universal tokens enabled.
Example: Your Payabli organization has several paypoints as part of a franchise that are all configured for universal tokens. One paypoint saves a customer’s card data. The customer could make payments at any of your franchise locations that support universal tokens.
Network tokens
Payabli supports American Express, Mastercard, and Visa network tokens. Discover network tokens aren’t supported.
Network tokenization creates tokens that can be used across your portfolio and outside of Payabli if the external provider supports network tokens. Network tokens can also be used at a gateway that isn’t affiliated with Payabli, if that gateway supports network tokens. When you save a payment method using network tokenization, Payabli requests a token from the card network. These tokens are stored and managed at the network level.
Example: Your organization has several paypoints as part of a franchise that are all configured for network tokens. One paypoint saves a customer’s card data and uses the network token type. A customer could make payments at any of your franchise locations that are configured to support network tokens. The same token can also be used at the processor’s other merchants that support network tokens, like online retailers and service providers.
Choose a token type
After you’ve completed the integration process and you’re certified for a chosen tokenization type, Payabli configures your paypoints with this token type. When you save a payment method, Payabli automatically applies the appropriate token type (whether merchant, universal, or network) for each payment method. You don’t have to manually select the token type when you save a payment method.
Industry examples
Fitness clubs
Let’s compare merchant, universal, and network tokens for a fictional fitness club management app, called FitClub Manager, that uses Payabli for payment processing.
In this example, each club location represents a separate paypoint in Payabli.
Merchant Tokens
- When a member signs up and pays their fees at a club that uses FitClub Manager, a unique token is issued that represents the member’s card details.
- The token only works at the club (paypoint) where the member signed up.
Universal Tokens
- When the member first signs up at a club that uses FitClub Manager, a universal token is issued that represents the member’s card details.
- This single token now works for all clubs (paypoints) that use FitClub Manager, regardless of location. The member can pay dues at Club A, pay for classes at Club B, and buy from the smoothie bar at Club C, using the same token.
Network Tokens
- When the member pays club fees on FitClub Manager, the Visa card network issues a token.
- The Visa token works for future Visa transactions for that member at any club that uses FitClub Manager. The member can pay dues at Club A, pay for classes at Club B, and buy from the smoothie bar at Club C, using the same Visa token.
- The member can use the same Visa token across the Visa network where supported.
For members who transact at multiple clubs managed by FitClub Manager, universal and network tokens provide the most seamless experience. They can use one saved payment method across all clubs and transactions in the platform.
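The scope rules for the three token types, modeled as a fail-closed check an integrator could run before submitting a saved method for a payment. This is an added example, not Payabli code or its API; the record types, field names, processor labels, and club configurations are hypothetical and constructed for illustration.

```python
from dataclasses import dataclass
from enum import Enum

# Card networks the page lists as supported for network tokens (Discover is not).
NETWORK_TOKEN_BRANDS = frozenset({"amex", "mastercard", "visa"})

class TokenType(Enum):
    MERCHANT = "merchant"
    UNIVERSAL = "universal"
    NETWORK = "network"

@dataclass(frozen=True)
class Paypoint:              # hypothetical local record, not a Payabli object
    name: str
    org: str
    processor: str
    configured: TokenType    # token type this paypoint is configured for

@dataclass(frozen=True)
class SavedMethod:           # hypothetical local record for a stored method
    token_type: TokenType
    brand: str
    origin: Paypoint         # paypoint that saved the card

def can_charge(method: SavedMethod, target: Paypoint) -> bool:
    """Fail closed: True only when the scope rule for the token type is met."""
    origin = method.origin
    if method.token_type is TokenType.MERCHANT:
        return target == origin                       # single merchant only
    if method.token_type is TokenType.UNIVERSAL:
        return (target.org == origin.org              # same portfolio
                and target.processor == origin.processor
                and target.configured is TokenType.UNIVERSAL)
    if method.token_type is TokenType.NETWORK:
        return (method.brand.lower() in NETWORK_TOKEN_BRANDS
                and target.configured is TokenType.NETWORK)
    return False

def in_scope(method: SavedMethod, paypoints) -> list:
    """Names of the paypoints where this saved method may be used."""
    return [p.name for p in paypoints if can_charge(method, p)]

# Constructed sample data; configurations vary to exercise each rule.
CLUB_A = Paypoint("Club A", "fitclub", "proc-1", TokenType.UNIVERSAL)
CLUB_B = Paypoint("Club B", "fitclub", "proc-1", TokenType.UNIVERSAL)
CLUB_C = Paypoint("Club C", "fitclub", "proc-1", TokenType.NETWORK)
CLUB_D = Paypoint("Club D", "fitclub", "proc-2", TokenType.UNIVERSAL)
CLUB_E = Paypoint("Club E", "fitclub", "proc-2", TokenType.NETWORK)
CLUBS = [CLUB_A, CLUB_B, CLUB_C, CLUB_D, CLUB_E]
```

Rejecting an out-of-scope saved method locally, and logging the attempt, keeps a token issued for one paypoint from being submitted against another by mistake or through a tampered request.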
Ways to save payment methods
Payabli offers several options for tokenizing and saving a payment method:
- API: use the direct-access API to save and manage payment methods.
- Embedded components: use the PayMethod UI or EmbeddedMethod UI to save a payment method.
- PartnerHub/PayHub: add a payment method for a customer from the customer overview.
Migrating tokens from another processor
To learn about how token migration works, see Migrating Tokenized Payment Data.