Enabling customers to track digital payment credentials

Network tokenization has become a powerful tool for online merchants and payment service providers as they seek to reduce the chances of card details being misused while at the same time enhancing customers’ e-checkout experiences.

Replacing sensitive data such as card details with a unique digital identifier (token) makes it possible for payment information to be passed between card networks such as Visa or Mastercard, card issuers, and merchants’ payment service providers – all without the card details ever being exposed.

In fact, when a customer asks a merchant to hold their credit or debit card on file (CoF) for the convenience and speed of future transactions, the merchant does not actually log those sensitive details on their internal database. Rather they use tokens during e-checkout that are created and managed by their payment network provider, with the card details and the relationship between the customer’s primary account number (PAN) and tokens held by the provider in a highly secure “token vault.”

Such tokens are unique to each merchant and device. Furthermore, as there is no mathematical relationship between a token and its original number, tokens cannot be reverted to their original form.

The result is highly positive: According to Mastercard, 79% of consumers globally have at least one card on file or are open to having one.¹

And transaction data from Visa shows that the use of network tokens can improve payment authorization rates by more than 2% (as greater trust in the process means there are fewer false transaction declines). The research also suggests the use of tokens reduces fraud rates by 26% on average compared with transactions where users’ PANs are sent directly.²

Token proliferation

Because of their simplicity, enhanced security, and broad application potential, the application of tokens is expanding fast. As well as being used to issue digital payment credentials (as tokens) to mobile devices, tokenization has been widely embraced in online retail, Internet of Things applications, in-app payments, and elsewhere. All of this activity has resulted in the creation of billions of tokens.

Indeed, Juniper Research believes that 95% of online e-commerce card payments will be tokenized by the end of 2022, as more and more parts of the payments ecosystem move to tokenization.

The ubiquity of e-commerce, however, means that we are all creating a trail of digital payment footprints over which we have little or no control. Traces of our payment credentials (hopefully in the form of tokens rather than encrypted PANs) are scattered across hundreds or even thousands of retail sites. Moreover, the rise in online spending is making the practice of saving credentials or cards on file (CoF) commonplace.

While consumers appreciate the convenience of CoF, many have security concerns about how and where that data is logged, and by whom. They know they have given permission at some point for certain retailers to hold their CoF data but typically they have lost track of that.

That presents a conundrum: while tokenization is critical for securing transactions, so too is the need for consumers to be able to keep tabs on their tokenized, digital payment credentials. Indeed, as tokens proliferate, the perceived challenge may not be the risk of personal information being breached but rather the need for a credential management capability.

“Customers [now] expect transparency and control over their payment transactions from issuers as a standard,” says Juniper. And that increasingly extends to digital payment credentials as well.

Bringing peace of mind to credentials management

One solution to the challenge is G+D’s Convego^® Token Cockpit, an integrated token-management tool that enables card issuers to provide their customers with a convenient, easy-to-use capability for monitoring where digital payment credentials are tokenized and stored across all digital channels. Aside from the peace of mind that this can bring, a major benefit is that it gives their customers the ability to activate, suspend, and revoke tokenized cards, as well as to view the connected cards they hold in digital wallets such as Apple Pay and Google Pay.

The cloud-based solution acts as an aggregator of tokenization services, integrating with a multitude of token service providers and token requestors, including managing the ongoing adherence to certifications, legislation, and regulations.

“In a nutshell, Convego^® Token Cockpit can be regarded as a token life cycle self-service platform, enabling the management of all tokens [by consumers] through a single, centralized solution,” says Juniper Research in a recent case study.

“Token Cockpit not only provides visibility to customers, but also enables them to be in control of creating and managing, and delivering, their tokens,” says Alex Gatiragas, Director, Solution Experience, at G+D. It gives consumers the ability to push their payment credentials seamlessly and securely across target destinations, such as merchants, e-wallets, click-to-pay services, and devices, he adds. (See video on the advantages of Convego^® Token Cockpit)

The solution enables banks and others to create propositions for customers with merchants, he adds. Such promotions might, for example, push customer payment details to a subscription service that offers a free first month. For issuers, the benefit would be their cards are aligned to the service; for customers, it would mean being able to swiftly link to the desired merchant’s service with just the click or flick of a digital button.

As that illustrates, the conditions are ripe for card issuers to bring visibility and control to digital credential management by providing consumers with the tools for managing their payment credentials via the issuer’s banking app or online interface. In effect, turning the growth of tokenization from concern into a convenience.

Published: 22/07/2022