Links

FAQ & Terminology

Terminology Network Tokenisation

Term
Description
AETS
American Express Token Service
CIT
Customer Initiated. The cardholder is in session and triggered the payment.
DPAN
Device Primary Account Number
ECI
Electronic Commerce Indicator (ECI) security level associated with the Network Token.
FPAN
Full Primary Account Number (raw credit card number)
MDES
Mastercard Digital Enablement Service
MIT
Merchant Initiated. They payment is triggered by the merchant in absence of the cardholder.
OBOTR
On-Behalf-Of Token Requestor. Entity which is requesting a Network Token on behalf of a merchant.
PAN
Primary Account Number. Plain text credit card number.
TAVV
Token Authentication Verification Value (Cryptogram). Unique value each transaction which must be sent in the authorisation request to the Payment Provider.
TRID
Token Request ID - Merchant specific identifier that is used for provisioning Network Tokens.
TSP
Token Service Provider - Entity which is issuing the Network Token.
VTS
Visa Token Services

FAQ

Which card brands are supported?
As of November 2022, PCI Proxy is a certified Token Requestor for VISA VTS and MasterCard MDES. AMEX AETS is planned for mid of 2023. For any other brand please contact our team.

How do I know if a Network Token has been provisioned successfully?

Use the Tokenization API (if you have a transactionID) or the Alias Status API (if you have a PCI Proxy alias) and look for the tokenInfo object if you are not sure if a Network Token has been provisioned.
Do Network Tokens provide any liability shift?
No - in case you want to shift the liability to the issuer, strong customer authentication is still required. We recommend to use the 3D-Secure APIs to authenticate cardholders.
Do I need to have a card verification code (CVC) to create a Network Token?
A CVC is not required for the creation of a Network Token - however, we recommend to check per use-case if you still need to capture the CVC code. Depending on your agreement with the acquirer you might need a CVC code when authorizing with PAN and not Network Tokens.