Results for

icon-search-large No search results yet
Enter your search query above

Tokenization is the process of replacing sensitive data with a reference to the data without compromising security.  It seeks to minimize the amount of sensitive data that a business needs to keep on hand, improving the security of credit card and eCommerce transactions and reducing the cost and complexity of compliance with industry standards and government regulations.

By referring to tokenized data, you can reduce previously submitted sensitive data without storing it in your own systems. We issue the token and bears the responsibility for keeping cardholder data safe.

As tokenization means that you no longer have to store sensitive data in your own system, it is particularly beneficial for recurring payments, one-click payment solutions and for merchants that are not PCI-compliant. Tokenization allows you to use the GlobalCollect platform in multiple data centers concurrently.

Tokenization currently supports the following payment products:

Process Flow

Token Creation for Recurring Transactions

tokenization_flow1

Using a Token

tokenization_flow2

API calls

For a full reference of the API’s used for tokenization please see the following reference.

How to enable this service (boarding)

We will tokenize every first recurring transaction that is processed with us. You will get returned a so called ‘profileID’ with a successful transaction.

Please note that we charge service costs for the usage of tokens in next recurring payments.

Additional information

  • You cannot send self-generated Order IDs in the ORDERID key in API calls (we will generate the ORDERID), however, you can provide Order ID information in the MERCHANTORDERID key.
  • To recover the Order ID for a transaction, use the GET_ORDERSTATUS API call, providing the MERCHANTORDERID and/or the MERCHANTREFERENCE keys to retrieve the status of the transaction (you can get the ORDERID from the response)
  • We allow you to share tokens among multiple accounts on the GlobalCollect platform upon request.

To do so:

  1. You provide us with an overview of the merchant numbers and the corresponding merchant names and requests for the tokens to be shared among these specific accounts.
  2. We link the accounts.
  3. We send you a confirmation that the accounts are linked and tokens can be shared.

Reporting

Payment console

The token will be reported in the Payment Console within the payment details of a transaction. With advanced search you can look for all transactions that were made for a specific token.

NOTE: This does not include the first transaction as this token is created after the first transaction.

WX

In the WX file the token is used for every transaction that used a token on field position 651.

FAQs

  • What part of PCI compliancy does tokenization take away?

    PCI compliancy consists of 3 parts. With tokenization it takes away:

    • Processing credit card transactions
    • Storage of credit card details
    • Transmitting credit card transactions

    Tokenization takes away the 2nd requirement: storage of credit card details.

  • What information is stored in the Profile?
    Consumer detailsCredit card detailsDirect Debit SEPAPayPal
    Surname Credit card number Account number Billing agreement ID
    Company name
    First name Expiry date IBAN
    Prefix surname
    City Card holder name Bank code
    Street Credit card details Branch code
    House number Bank CheckDigit
    Additional address info BIC
    Zip Account name
    State Bank name
    StateCode Customer bank city
    CountryCode (ISO 3166)