Tokenization
What is Tokenization?
Tokenization is the replacement of a card number, or PAN (Primary Account Number), with a pseudo number called a “token,” for use in a digital-payment transaction. Tokenization was introduced to provide an additional layer of defense against fraud by allowing the token to be stored in your phone and used in the merchant environment in place of a PAN.
How does Tokenization work?
Typical consumer debit cards come with names, 16-digit personal account numbers (PANs), expiration dates and security codes – any of which can be “tokenized.”
When a merchant swipes a customer’s debit card, the PAN is automatically replaced with a randomly generated alphanumeric ID (“token”).
Note that the original PAN never enters the merchant’s payment system. Only the token ID does. The merchant can use this special token ID to keep records of the customer.
The token then gets transmitted to the payment processor who de-tokenized the ID and authorizes payment.
The token in only readable by the payment processor – it is meaningless to any other party (including the merchant). Moreover, this randomly generated token is only valid with that single merchant. The ID can never be used to initiate payment with another retailer.
Apple Pay Tokenization
After you take a picture of SNB Debit Card and load it into your Apple phone, Apple sends the details to SNB which replaces your debit card details with a series of randomly generated numbers (the token). That random number is sent back to Apple, which programs it into the phone. This means that the number stored on the phone can not be extracted into anything valuable to fraudsters.
Android Pay Tokenization
Tokenization in Android Pay works similarly. When you upload your card information into the app, Google creates a stand-in “token” to represent your actual account number. This makes it near impossible for someone to get at your actual debit card information.
How do I use Apple/Android Pay tokenization?
To use Apple/Android Pay tokenization at store, just hold your device up to the NFC-enabled reader with your finger on the Touch ID button. This then triggers the payment. There is no need to open a new app or wake up your phone to use Apple/Android Pay tokenization.