Network token implementation
How to use scheme tokens with or without payment orchestration
To process payments with network tokens you can choose between either of the following options.
- Our automatic provisioning of tokens for use with our orchestration platform.
- Our standalone tokenization endpoints for using the network tokens directly with the PSPs.
Before you start processing payments with network tokens, make sure you have enabled processing with network tokens. Please contact the support team to get set up.
Automatic provisioning of network tokens
Although network tokens are agnostic tokens, not every payment service or acquirer support the usage of network tokens that were provisioned outside of their own environment.
When you use our system to orchestrate your payment, we will optimize the routing behavior to take into consideration the limitations of the payment services you’re connecting to. A payment service that supports externally obtained data is generally considered an open loop connection, while one that doesn’t is considered closed loop.
In our orchestration platform, we can support network tokens across any open-loop payment services. You don’t have to perform any additional integrations to use network tokens besides storing the original card data (PAN) in our Cloud Vault. You can follow the regular flow of card integrations, and we will automatically swap out the original card details with the network token when possible.
For each first time use of the token a cryptogram is provisioned. Subsequent merchant initiated transactions (MIT) will not need a cryptogram (these are optional), unless the transaction is done with a newly provisioned token. For example if you have migrated an already running billing sequence for a card to our systems and for these cards you’re provisioning tokens for the first time, the first transaction done with that token will have a cryptogram provisioned automatically by Gr4vy. The token and cryptogram will be provisioned as “on file” and therefore the buyer does not have to be present for the provisioning of either the token or the cryptogram.
We have optimized the usage of network tokens by implementing scheme best practices regarding cryptogram usage, as well as the correct payment flagging towards the payment services. Using Flow, it will be possible to choose the instrument (PAN or Network token) in your routing rules, allowing you to optimize your routing behavior.
For best practices and advice on routing optimizations, please reach out to our support team.
Standalone tokenization endpoints
Our API allows you to provision network tokens and cryptograms for use in your own system. Please note that network tokens can be considered PCI sensitive data depending on your interpretation of PCI guidelines, and therefore these API’s are not enabled in production by default.
You can use the network token endpoints to obtain network tokens and their cryptograms for use in your own system.
Network token provisioning via the API is not enabled by default in production. Please contact support for further guidance.