🚧

Although all formats are supported and compliant according to PCI DSS, we highly recommend using the Alias 2.0 format to run certain operations and obtain maximum security.

Refer to the Convert API if you want to migrate from legacy formats to the new format.

Alias 2.0

Alias 2.0 is our default token format. All the tokens in this format are unique. When using the Alias 2.0 format, we return an additional fingerprint parameter from our APIs. It's a unique identifier for the underlying card. This allows you to identify the same card usage across different customer accounts.

Example

Alias 2.0 - Length preserving

This format inherits all features and functionalities of the Alias 2.0 format with the difference that the length of the alias equals the length of the original card number.

Example

CVV/CVC Alias

This format is only relevant for CVV or CVCs.

Due to PCI DSS requirement 3.2 the cvv token and the cvv must be deleted after the first detokenization/usage.

Example

Masked Alias

This format consists of the first 6 digits of the real credit card number, which corresponds to the BIN (Bank Identification Number) range. This is followed by the token in the form of 6 upper-case letters. The Masked Alias ends with the last 3-4 of the real credit card number. The length of the token varies based on the card brand.

Example

Full substitution

This format only consists of digits.