Tokenization Feature

Tokenization is the process by which a reference number, referred to as a token, replaces a credit card number or Direct Debit account number. Unlike the card or account number, you can store the token on your system without concern of a security breach exposing critical customer information. Instead, Worldpay stores the information in a secure vault and accesses it only when you submit a transaction using the supplied token.

You must be enabled for card tokenization to use the Direct Debit tokenization feature.

In the case of credit cards, since you do not store the customer’s account information, the scope of PCI requirements to which you must comply may be minimized. This may greatly reduce the cost of compliance and may limit your liability in the event of a breach. You can reduce the requirements further, as well as the possibility of exposure from a breach, through the use of the Worldpay eProtect. By sending the card information from your checkout page directly to our systems you eliminate one more facet of handling the card information.

Worldpay recommends you consult your own PCI Compliance and Legal departments to determine the specific advantages of tokenization for your company.

This section discusses the following topics:

• How Tokenization Works

• Token Formats

• Obtaining Tokens

• Supported Token Transactions

• Compliance with Visa Best Practices for Tokenization

Please refer to the Worldpay eComm eProtect Integration Guide for additional information about the use of and integration to the Worldpay eProtect value added service.