Tokenisation – A life hackers guide

Is tokenisation a life hack? We think so. It’s one of those tools that makes everyone’s lives a little easier, in this case both retailers and their customers. But as well as making life easier, it also makes things a lot more secure; specifically payment card data.

First off, what is tokenisation? Essentially it’s the process of swapping payment card data for a token that has no value except when used in very specific circumstances. You can find out more about the process in this behind-the-scenes post exploring tokenisation. However, it may be helpful to think of tokenisation in the same way as you do when you go to a funfair and buy tokens for the bumper cars.

At a funfair you exchange money for tokens that can only be used on the bumper cars (perhaps only with that specific funfair). With tokenisation your card payment details are exchanged for a token that can only be used by one retailer in a specific way; such as for an online payments.

So why is tokenisation a life hack?

There are clear benefits for both retailers and customers. Here they are…

For Customers

• Tokenisation protects their payment card data so that if there is a data breach it remains safe. Tokens have no value to thieves as they can only be used in very specific circumstances.
• Payment cards do not need to be cancelled if you experience a data breach. Because your customer’s card data is safe there is no need for them to cancel and request a new card if your system gets hacked.
• Mobile wallet users do not need to cancel credit cards if their phone is stolen. Instead they only need to cancel the tokens that represent their card on that device. Their credit card details are still good for other payments; such as paying subscription accounts like Netflix that were created on other devices.
• Checkout procedures are much faster. Once a token has been created for a customer’s payment card, it can be used again and again for future payments. There’s no need for them to enter lengthy card details again, minimising the chances of their data being stolen at point of sale.

For Retailers

• Increased conversion rates: A quick and easy checkout experience using “single-click payment” boosts conversion rates.
• PCI DSS Compliance. Tokenisation can reduce your PCI compliance scope dramatically, potentially cutting your PCI DSS bill by more than 50%.
• Increases customer confidence. We all understand the importance of keeping our payment card data safe and many customers look for reassurance that retailers are doing their best to honour this. As awareness of tokenisation increases we believe that consumers will start to expect and request it.
• Reduces abandoned shopping baskets. Making payment procedures as quick and easy as possible has obvious benefits for the retailer. Once a token has been created for their first purchase, customers do not need to enter the card details in full again for future payments.
• Promotes customer loyalty. The combination of a secure and convenient payment process builds great customer relationships and encourages repeat custom.

Any drawbacks?

The one part of the payment process that is still open to abuse is when the cardholder provides their payment details for the first time. This is an issue for all kinds of payment situations and the onus is on the card owner to protect their data.

When making online payments on a secure website this would involve ensuring that no one is watching as you key in your details. Similarly if using a card payment machine in a shop, protecting your PIN is essential.

If you have concerns about tokenisation and whether it’s right for your business, the best strategy is to ask questions. If you’re developing an ecommerce website, talk to your web developers; if you’re looking to introduce this level of security in-house, talk to your IT department; or alternatively contact us on 0808 2780252 to explore your options in more detail