Online Payments: Tokenisation Explained

Tokenisation makes it easy to take repeat payments from customers and removes the need for them to enter their card details more than once. Instead an encrypted 'replacement token' (related to that card number) is generated after the customers initial transaction.

The actual card data is stored securely on the payment providers server removing the security compliance red tape for you, while offering repeat customers a quick check-out experience. Essentially tokenisation is a secure way of storing cardholder data without actually compromising it and your brand.

How Tokenisation works with Pay360

  • Shopper enters card details on merchant website for the initial transaction and confirms payment. The cardholder is directed to the merchants payment page (hosted securely by Pay360).
  • The transaction is sent to Pay360 for authorisation.
  • Pay360 generates an encryted ‘replacement token’ associated with that specific card number and sends back to the merchant (the replacement token does not expire unless card does).
  • The card number data remains securely stored on Pay360’s PCI Level 1 Compliant servers. The token sent to the merchant allows them to securely save the cardholder details so that when the customer returns they need not enter them again
  • When the cardholder next clicks 'pay' it generates a transaction request to the same cardholder details saved securely on the Pay360 server and the payment is processed.