Token provisioning is the process of requesting a Network Token from the relevant card scheme for a specific PAN and for a specific purpose, domain or device. The diagram below shows how PCI Proxy is involved in provisioning Network Tokens.

Network Token Provisioning with PCI Proxy. — Legend: PAN = Credit card number, NT = Network Token, DT = PCI Proxy (Datatrans) Token

Cardholder enters card details
PCI Proxy requests a Network Token at the relevant card scheme
Card schemes reach out to the card issuing bank of the cardholder
Card issuing bank creates a Network Token and returns it via the card schemes to PCI Proxy
PCI Proxy maps the Network Token to the PCI Proxy token which is returned to the merchant

👍
Mapping a Network Token to a PCI Proxy token allows you to continue to use PCI Proxy services without changing your code and not extending your PCI scope.

How to provision a Network Token?

Once your merchantID is onboarded and ready for Network Tokenization, you can request a Network Token through our various implementation methods. Please refer directly to the specific API section in this guide such as

Secure Fields
Mobile SDK
PATCH (recommended for Filter and SFTP proxies as well as for existing aliases without a Network Token)

to see how to provision a Network Token for your integration.

📘
For eligible merchants we offer the option to receive clear text Network Tokens and Cryptograms via the Standalone API.

Network Tokens and PANs

Although the final goal of Network Tokenization is to remove plain text card numbers completely, PCI Proxy will store the underlying PAN behind each PCI Proxy token in this transition period.

By keeping the PAN on our secure server, we allow merchants to continue forwarding PANs to third-party receivers who are either not yet able to consume Network Tokens or whose issuing bank is not yet supporting Network Tokens.

Remove underlying PAN

Regulation requirements in some countries and markets prohibit the storage of any PAN, even for PCI DSS Level 1 certified organizations. If you no longer want PANs to be stored for a given PCI Proxy token you can remove it from storage by using the PATCH API.

If you don't want us to store the card number at all anymore by default, please contact our team to configure your merchantID accordingly.

Request Network Tokens

👍
Mapping a Network Token to a PCI Proxy token allows you to continue to use PCI Proxy services without changing your code and not extending your PCI scope.

How to provision a Network Token?

📘
For eligible merchants we offer the option to receive clear text Network Tokens and Cryptograms via the Standalone API.

Network Tokens and PANs

Remove underlying PAN

👍Mapping a Network Token to a PCI Proxy token allows you to continue to use PCI Proxy services without changing your code and not extending your PCI scope.

How to provision a Network Token?

📘For eligible merchants we offer the option to receive clear text Network Tokens and Cryptograms via the Standalone API.

Network Tokens and PANs

Remove underlying PAN

👍
Mapping a Network Token to a PCI Proxy token allows you to continue to use PCI Proxy services without changing your code and not extending your PCI scope.

📘
For eligible merchants we offer the option to receive clear text Network Tokens and Cryptograms via the Standalone API.