Network token implementation
How to use scheme tokens with or without payment orchestration
To process payments with network tokens you can choose between either of the following options.
- Our automatic provisioning of tokens for use with our orchestration platform.
- Our standalone tokenization endpoints for using the network tokens directly with the PSPs.
Before you start processing payments with network tokens, make sure you have enabled processing with network tokens. Please contact the support team to get set up.
Automatic provisioning of network tokens
Although network tokens are agnostic tokens, not every payment service or acquirer support the usage of network tokens that were provisioned outside of their own environment.
When you use our system to orchestrate your payment, we will optimize the routing behavior to take into consideration the limitations of the payment services you’re connecting to. A payment service that supports externally obtained data is generally considered an open loop connection, while one that doesn’t is considered closed loop.
In our orchestration platform, we can support network tokens across any open-loop payment services. You don’t have to perform any additional integrations to use network tokens besides storing the original card data (PAN) in our Cloud Vault. You can follow the regular flow of card integrations, and we will automatically swap out the original card details with the network token when possible.
We have optimized the usage of network tokens by implementing scheme best practices regarding cryptogram usage, as well as the correct payment flagging towards the payment services. Using Flow, it will be possible to choose the instrument (PAN or Network token) in your routing rules, allowing you to optimize your routing behavior.
For best practices and advice on routing optimizations, please reach out to our support team.
Standalone tokenization endpoints
Network tokens in and of themselves are not considered PCI sensitive data. Therefore, you can choose to request and store these tokens in your own system.
You can use the network token endpoints to obtain network tokens to be used in your own system. That said, the combination of a network token with a cryptogram does fall in PCI scope. For this reason, it’s only possible to obtain cryptograms via the cryptogram endpoint if an attestation of PCI compliance is provided for the receiving environment.