When it comes to secure digital payments (such as Apple Pay™, Google Pay™, etc.), you’ve probably heard the term “tokenization.” You know it’s more secure and helps avoid ordering new cards should fraud occur…but like many, you may think it involves some sort of wizardry behind the scenes that mere mortals will never comprehend. While it does involve a more complex process, the concept is nothing new. Below we demystify the process of how digital payment tokens work.
Tokenization simply acts as a substitute for something else. Think about when you go to an arcade and purchase tokens to play games. Outside of that business, the plastic chips or mouse-emblazed coins have zero value. But inside, just TRY prying those tokens from someone’s fist.
During digital payments, a similar transaction happens. Tokenization replaces the primary account number (PAN) with a pseudo number for use in a digital payment transaction. The randomly generated tokenization substitutes customer data with a one-time alphanumeric ID that has no connection to the account’s owner.
In fact, tokenization trumps encryption for security. Why? Because a hacker can reverse an encryption if they know the algorithm behind it. But because tokenization is completely randomized, it is not reversible. In addition, tokens are stored securely by their providers.
Each of the steps below happen in mere split seconds to provide a safe, efficient transaction.
The entire process happens behind the scenes and neither the customer nor the merchant needs to do any differently.
EMV Chip Cards vs. Tokenization
A few years back, credit card companies began issuing cards with EMV chips (which stands for Europay, Mastercard, and Visa). The chips provided increased security during in-person points of sale through a different transaction process that often required a password. While not foolproof, they provide greater protection against data skimmers when compared to older magnetic stripe information.
The difference between cards with EMV chips and tokenized digital wallets lies in their usage online. Physical cards with EMV chips lose their security when a customer enters their card number online or via phone orders. A digital wallet will continue to use tokenization via online orders and keep generating randomized, irreversible numbers
If you have questions about how tokenization works with you Standard Bank issued card or others, we’re happy to chat. Call our online banking experts at 1-866-856-BANK (2265) or visit one of our locations.
Apple, Apple Pay, App Store, Apple Watch, iPhone, Touch ID and Face ID are registered trademarks of Apple Inc. App Store is a registered service mark of Apple Inc.
Google, Android, Google Pay and other marks are trademarks of Google LLC.