What is Visa Token Service (VTS)?

Visa Token Service (VTS) is an innovative security feature provided by Visa. After the customer performs their first successful payment on your site, it replaces the customer’s card number stored on our system with a unique identifier called a token. When the customer returns to your site to make new purchases, the token is used in place of their sensitive payment credentials, reducing the risk of their data being compromised.

 

VTS.svg

 

Benefits

Tokenization is based on the EMVCo payment tokenization standard and aligns with EMV1 technology (the global standard for secure payments). By participating in tokenization, processing e-commerce transactions comes with minimal risk of fraud, because the technology greatly reduces the likelihood of sensitive payment credentials being exposed. Furthermore, tokens can be limited to a specific mobile device, merchant or number of purchases (say, a limit of 5) before expiring.

 

Configuration

To enable VTS on your site reference, you will need to contact our Support Team and request this feature is enabled. Once enabled, tokenization will automatically be attempted for all successfully-authorised transactions processed with Visa-branded cards. This process requires no additional configuration.

  • If tokenization attempt is successful, all future transactions with this card will instead be processed with the token instead of the customer’s sensitive card details.
  • If tokenization attempt is unsuccessful, all future transactions with this card will be processed using the customer’s sensitive card details (as with a standard non-tokenized payment). However, we will attempt to generate a Visa Token (to tokenize the card details) on these subsequent re-authorisation requests providing they are authorised successfully.

 

Processing future payments using token

MyST

When a customer’s card has been tokenized using the process described above, if you process a re-authorisation using MyST, the token will be used in the new authorisation request in place of the customer’s card details (this happens automatically).

You can quickly identify transactions processed using a token by viewing the details in MyST, by checking the value of the Tokenised payment is set to “1”. The Token source type field is used to identify the type of token used for this payment “VISATOKEN”, as shown in the example below:

kb-vts-01.png

Note that with tokenized payments, the Card number refers to the unique token number. The last four digits of the customer’s card number can be found under the Wallet details section, by the Wallet display name field, as shown in the following example:

kb-vts-02.png

 

Webservices API

Alternatively, if you want to use our Webservices API to process new transactions using the token, your system can process a new AUTH request that references the stored token. Click here to learn how.

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request