What is Network Tokenization?

Network Tokenization is a tokenization concept introduced by card schemes ('networks') such as Visa, Mastercard and AMEX. It is based on the technical framework provided by EMVCo. A Network Token, also called a DPAN, is an alternative to a conventional plain text card number, also known as Primary Account Number (FPAN) that we are usually familiar with. A DPAN is intended to replace the need for FPANs as a means to eliminate the need to store plain text card numbers on any system in the payment chain.

Without Network Tokens, the usual payment flows are as follows. Merchants generally use a PCI token solution like PCI Proxy to send tokens to PSPs. Then the raw credit card (CC below) is used for the rest of the transaction.

Network Tokens (NT) replace raw credit cards in the last few stages of flows. Depending on its implementation, it can look like the following.

A Network Token is unique for each cardholder as well as for each merchant, which increases the security of sensitive payment details and reduces the risk of fraud. Like a regular FPAN, Network Tokens can be used for completing e-commerce transactions or sharing them with other partners in the payment eco-system.

Network Tokenization in PCI Proxy

We have anticipated this new concept in our infrastructure and customers are able to access Network Tokens in their PCI Proxy integrations and processes, alongside PCI Proxy tokens. You will benefit from industry leading advantages of PCI Proxy without having to change anything on your end. In short, you will have full control and flexibility of your payment stack without interacting with sensitive payment data.

Advantages of Network Tokenization

Lower payment acquiring fees

• Acquirers tend to offer lower acquiring processing fees when using Network Tokens. This is mainly due to increased security and lower risks of declines.

Higher conversion rates

• Credit card credentials are automatically updated at the schemes, which leads to fewer declines
• Authorization rates are significantly higher compared to payments made without Network Tokens

Compliance

• Meet local compliance requirements, such as regulation introduced by the Reserve Bank of India

Increased security, less fraud

• No need to expose sensitive payment card data
• Strict domain control with merchant specific tokens
• A one-time cryptogram for each Network Token

Account lifecycle management

• Receive notifications if the state of a Network Token changes
• Change the state of a Network Token

Future-proof

• Card art: display an image of the original card to cardholder to increase trust and visibility
• Push provisioning and improved guest check-out experience

Scheme support

As of July 2024, PCI Proxy is a certified token requestor for Visa VTS and Mastercard MDES (including Maestro cards).

📘

Support for American Express AETS will be active by end of Q4 2024.

Other brands are being reviewed and steadily integrated, so get in touch if you want to use other brands.

Google and Apple Pay support

Please note that it's currently not possible to create a Network Token when the input parameter is a DPAN (device pan).

Alias format support

Network Tokens only work with Alias 2.0 and Alias 2.0 length preserving formats. No exemptions can be made here due to security reasons.

Keeping up with industry

Although Network Tokenization is a global mandate coming from the major card schemes, adoption of it depends on the region, country and issuer. We are actively enhancing Network Tokenisation capability to offer customers more value from it.

Get started

The following pages will guide you through the onboarding process to use Network Tokens. For new customers, sign up for an account and contact us!