Visa Inc. launched Token Management Service, a service it says will make it easier for users to manage tokenized payment card data from multiple sources and across multiple channels, the card network announced Thursday.
Designed to complement the Visa Token Service, the new program provides a way for merchants to use the same tokenized card data for a consumer regardless of how the consumer shops with the merchant. Tokens are strings of digits that stand in for card-account data. If stolen by data thieves, tokens are useless for committing payment fraud. Tokenization is not new—CyberSource, for example, introduced its token service several years ago—but has gained much attention as new ways to shop evolved.
“We are seeing payment acceptance proliferate into the Internet of Things and new experiences,” says Andre Machicao, a senior vice president at CyberSource, a payments provider and fraud-prevention company owned by Visa. “Our clients want to capitalize on that and want to do so in the same secure fashion as current payment models.” The new service is part of CyberSource’s payment-management platform.
As tokenization gains favor, many merchants are discovering their various systems, such as point of sale, customer relationship management, and enterprise resource planning, all need access to the tokenized card data, but have disparate ways of managing it, Machicao tells Digital Transactions News. “Many of our clients have token proliferation within their organizations,” he says. “It’s actually creating hurdles and handicaps within their environments.”
With commerce channels spread across mobile, traditional Web, and in store, and consumers increasingly expecting smooth transactions across them, the challenges for merchants are immense. “The basic enablement of creating a buy-online-return-in-store use case is a high hurdle and deep challenge for many of our clients,” Machicao says. A unified token service can help alleviate some of the issues with that, he adds.
Token Management Service is designed to reduce some of the information technology complexity, Machicao says. “It’s really more an aggregation service designed to operate across channels.”
The service works across a merchant’s commerce platform, processors, locations, payment types, and accepted card brands. It can be used independently from other services that Visa or CyberSource provides, he says.
Part of the appeal of tokenized card data for merchants, aside from making it easier for consumers to shop, is that it can help reduce their PCI Security Standards Council obligations. With the new Visa service, tokens are managed in Visa data centers, Machicao says, not by the merchant.
Merchants of all sizes can use Token Management Service. “We’re also making the service available to payment service providers and acquirers,” Machicao says. Visa would not disclose the price of the service.
More tokenization services are expected to develop. “When you think about tokenization and who it benefits—hint, hint, everyone—it’s a technology that is rapidly being embraced by all parties in a transaction from banks to networks to merchants as a means of not only securing the transaction but also reducing the attractiveness of any data that may become compromised,” Michael Moeser, director of the payments practice at Javelin Strategy & Research, tells Digital Transactions News in an email. “Expect to see more companies providing token-based solutions in the next 12 to 24 months as adoption continues to grow.”