Tokens See Double Duty as Protection From Fraud and Transaction Failures

Network tokenization, a technology that replaces sensitive payment card data with unique digital identifiers, has been a hot topic of late.

Long known as an effective eCommerce fraud fighter, it was a centerpiece of Visa’s series of announcements that brought merchants into the data token space.

According to Doug Fry, senior product manager at open payments platform provider Spreedly, the technology, which underpins most digital wallets, also allows merchants to securely store customer payment information. And in the process, a new use case is developing. A rise in “merchant-specific” tokens puts the impetus to use them on merchants.

“This is more merchant choice,” Fry said. “They’re making a decision to process payments with these technologies.”

Network tokens are gaining wider embrace, said Fry, who noted that among the company’s merchant base, use of those tokens is up 400% through the past several quarters, as the company connects client firms to tokenization through its orchestration platform.

To understand tokens and their development, some background is in order. To create a network token, merchants typically capture and vault a primary account number (PAN), then decide to “provision a network token against that PAN,” Fry said. This token traverses the payments ecosystem, with major card networks like Visa and Mastercard acting as token service providers.

A key difference in transacting with network tokens instead of PANs is the generation of a cryptogram.

“This is the core of many of the benefits that merchants see from this,” Fry said. “It’s security. It ties that payment attempt directly to that merchant, to that token.”

This enhanced security is a major factor in improving authorization rates.

“There’s a lot that goes into an issuer deciding whether or not to approve a transaction,” Fry noted. “But where they see lower risk in that transaction, you’re going to see higher approval rates from those issuers.”

However, network tokenization has limitations. Tokens are not adopted absolutely by every issuer, every acquirer and every payment service provider. There are also more steps involved compared to using PANs directly. Provisioning a token can take a few seconds — a long time in payments. And even then, consumers and merchants may not have it available for immediate use.

Token lifecycle management is another challenge. Tokens have expiration dates and can be suspended or deactivated, requiring tracking.

“It’s important that a merchant, or at least a service provider they work with, tracks that lifecycle management,” Fry said. “They don’t get to just provision a token and say it’s always good, always evergreen.”

Importantly, network tokens won’t eliminate all types of transaction failures. Fry categorized failures into primary (e.g., connectivity issues), secondary (e.g., fraud declines, missing data) and tertiary (e.g., insufficient funds). Network tokens mainly address secondary failures.

“It doesn’t matter sometimes,” he said. “I can connect, I can remove general declines, I have all the credentials in place, but at the end of it, I could still see insufficient funds.”

Given these realities, Fry said he believes PANs still make sense to live alongside a network token for the foreseeable future as a fallback mechanism. Maintaining both allows for data-driven decisions to improve overall authorization rates. Global inconsistencies in adoption also mean that in certain cases, PANs will be more successful in different regions.

The emergence of service providers offering token-related solutions has also reduced friction. According to Fry, most merchants prefer not to handle the complexity of directly integrating with multiple networks to manage their token vaults. As a result, service providers are stepping up to simplify the process of adopting and using network tokens for merchants.

For merchants considering network tokens, Fry advocated for a data-driven approach. He suggested gathering data to identify the specific reasons behind declined transactions and quantifying the anticipated improvement in authorization rates. This information can then be used to prioritize network tokenization within the broader context of a merchant’s overall payments strategy, as it is improbable that network tokens will be the sole solution a merchant will want to use. Network tokenization is still an emerging technology, but it appears poised for mainstream adoption as its benefits crystallize and barriers fall.

“It takes time for that snowball effect to come into play,” Fry said. “More and more merchants will start to hear about that success. That’s one piece. But then as more and more data is out there, more merchants have access to that.”

Against that backdrop, Fry observed, we’ll still see PAN/merchant tokens operating alongside network tokens, and the strategy is a necessary one. In some cases, merchant tokens can represent a fail-safe against any interruption in network tokens’ flow.

“Merchants want to have flexibility and global reach,” said Fry, “and industry adoption [of different token types] changes across different regions … so it makes sense that they can make some data-driven decisions on improving their overall authorization for their businesses.”

The post Tokens See Double Duty as Protection From Fraud and Transaction Failures appeared first on PYMNTS.com.