Network Tokenization to Prevent Fraud and Risk: Part I

For starters, why am I using the US spelling of tokenization? Isn’t it tokenisation for us Aussies? Apparently, the “z” has carried over and tokenization is the correct spelling even here in Australia.

So what is with it ….

With new opportunities inevitably come new challenges. Customers now expect simple and consistent payment experiences, but payment environments keep growing more complex. And while worldwide digital commerce continues to grow, so does the rise in security breaches.

Necessity has bred innovation. New tokenization technology is fundamentally changing how sensitive customer and payment data is managed. While solving security challenges, tokenization also helps businesses create seamless payments experiences that are making a material difference to loyalty, conversion and revenue.

Why tokenization

Why is creating seamless payment experiences so hard? The problem stems from the risks associated with sensitive data. The current payments ecosystem still relies on customer identifiers consisting of personal account numbers (PANs), billing addresses, expiration dates, and card security codes.

Used online, these account details draw the attention of fraudsters looking for ways to exploit the data on an industrial scale, so businesses must bear the cost of keeping them safe. Equally, if these identifiers are compromised, it’s hard for businesses to tell if they’re being used legitimately. The result is that businesses are faced with a no-win situation: decline any transaction that looks remotely suspect and negatively impact sales or accept all transactions and risk fraud and reputational damage.

Payment tokenization

Tokenization technology arrived nearly two decades ago and is now at the heart of keeping data secure within the payment process. Almost all businesses currently use tokens to some extent to prevent fraud.

The concept of using a token to safeguard something of value is nothing new: think of chips in a casino or tokens in an arcade. Payment tokens follow the same principle. Tokenization means a customer’s sensitive account data is replaced with a digital identifier while the real data is stored securely. If the token is compromised, it is meaningless and cannot be used.

The result is win-win. Customers don’t have to worry about their account details being vulnerable online, and businesses don’t have to worry about keeping sensitive data safe within their own environment.

Where are the tokens?

Tokens are securely stored in a secured token vault or token management service (TMS). They are securely kept and designed to be protected from unauthorised access and data breaches.

The arrival of network or scheme tokens

A major step forward in tokenization has been the arrival of network tokens, which unlock higher authorisation rates, lower fraud, and create a better customer experience. The first payment tokens were issued by sellers, acquirers, and payment platforms for individual credentials. In contrast, network tokens (also referred to as scheme) are generated by a payment network such as Visa. Instead of replacing a single PAN for its lifespan, they represent a customer’s credentials for the entire buying cycle.

What this means is that, at the point of initial payment, a business can ask the network to generate a token that can then be used (and importantly, tracked) for all subsequent transactions, even if the card has been replaced by the cardholder. The credentials will automatically be updated via lifecycle management, be it for a card or a digital wallet like Apple Pay or Google Pay.

This allows businesses to recognise their customers and also understand them better, enabling higher authorisation rates as well as to reduce fraud. According to Visa, merchants realise an average 3% lift in authorisation rates by making it easier for you to recognise legitimate repeat customers across channels as compared to non-tokenized transactions.

Avoid lost revenue from expired cards

Token management services and token vaults can also automatically update stored payment credentials (card-on-file data) ensuring that a returning customer never forgets to update new card details.

Network tokenization can also help reduce fraud by an average of 26 percent while removing additional payment friction for your customers. Reward returning, known customers with less steps and input boxes. Turn your online checkout into a single click checkout experience. This will become table stakes in the next year as customers utilise Click to Pay and digital wallets to reduce the workload and friction of paying.

About Mike Fowler

Mike is an eCommerce veteran, senior leader & growth strategist for some of Australia's best known retailers. Currently, a manager of payment solutions at National Australia Bank (NAB) and formerly at Afterpay as Director of Merchant Services APAC. With a long career in eCommerce retail as General Manager and founder of the growth team at Mosaic Brands (Noni B Group) developing and launching 9 iconic multi-category online marketplaces, including: Noni B, Rockmans, Millers, and Rivers. Member of the Australia Post Customer Advisory Group with more than 15 years experience in helping retailers leverage eCommerce, CX, payments, & logistics opportunities to maximise growth.