jspωiki
Payment Token

Overview#

Payment Token is a Pseudonymous Bank Card Number values that replace the Primary Account Number in the Payment Network.

The Payment Token is the Bank Card Number, along with possibly some other information, from the Issuer Bank as a result of the Card-Emulation process.

Payment Tokens are used to reduce the risks inherent to the transfer of sensitive payment data such as the Primary Account Number.

Generation of the tokens is done by the Token Service Provider or TSP.

During the payment process Payment Token is

This way, the unsecure token space and secure PAN space are distinct areas.

The Payment Token Framework is published in 2014 by EMVCo Tokenization.

A Payment Token number does not reveal to the Merchant the PAN and possibly other information about the purchaser.

The Payment Token is a surrogate Bank Card Number for a PAN that is a valid 13 to 19-digit numeric value that must pass Luhn Check Digit and other CVM of an account number.

The Payment Tokens must not have the same value as or conflict with a real PAN.

Payment Token MAY be:

  • Limited in time-to-live
  • Limited by number of uses.
  • Capped by maximum amount.
  • or other conditions

Both Apple Pay and Google Wallet utilize a Payment Token in their wallet process, however, they are handled differently.

More Information#

There might be more information for this subject on one of the following: