Tokenisation for Optimizer
Know how to save customer card details as tokens with multiple payment partners using Optimizer.
Tokenisation is the process by which the original card number/Primary Account Number (PAN) is replaced with a surrogate value called a token
. You can securely save a customer's card details as a token during the first transaction. The customer does not need to re-enter the card details for the next transaction. They can provide the OTP and use their saved card to complete the transaction.
Advantages
- Faster checkout experience for the customers.
- Reduction in payment failures due to incorrect card details.
According to the
, Payment Aggregators(PA)/Payment Gateway(PG) and businesses cannot save their customers' card numbers and other card data on their servers.Key Takeaways
- Card networks and card issuers are the only parties that can save plain text cards. Businesses, Payment Gateways and Payment Aggregators are no longer allowed to store actual customer card details.
- Businesses should adopt a tokenisation solution to continue offering customers a saved card experience.
- The token should not be visible to the cardholder. Tokens should be managed between the Token Requestor and Network.
- Customer consent and Additional Factor of Authentication (AFA) are required for saving a card/creating a token. This can be clubbed with the same Two-Factor Authentication (2FA) used during the first transaction.
Your customers can not avail saved card experience at checkout without tokenisation. Optimizer offers an end-to-end RBI-compliant solution that allows you to save customer credentials as tokens with card networks and issuing banks and process payments through any PA/PG. Customers can then use these tokens
to make repeat purchases on your website without re-entering card details. You can process these payments through any PA/PG as per your business requirements.
Watch Out!
If you are using the saved card feature, you must redirect cards traffic to the supported gateways only. Know more about
.In this integration, you can choose to be a Token Requestor(TR) or work with Razorpay as the Token Requestor.
This integration complies with data localisation guidelines.
Tokenised payment processing on Optimizer occurs in two scenarios:
- When .
- When .
You can use Optimizer with Razorpay as Token Requestor and process payments on Razorpay and external gateways. Given below is the Optimizer Tokenisation flow when Razorpay is the Token Requestor.
Given below is the first-time payment tokenisation flow:
- The customer initiates a payment.
- The customer consents to save a card on your website/app checkout.
- After completing the transaction successfully through Optimizer, we initiate the tokenisation request at checkout.
- The Card Network or issuing bank returns a unique
token
corresponding to the tokenisation request to the merchant through Razorpay.
Given below is the saved card payment tokenisation flow:
- The customer initiates a payment using a saved card.
- We retrieve the token data from the token service provider automatically.
- Using the token data, Optimizer will process the payment through any of the selected payment gateways.
- The payment is initiated and processed using token data.
If the token
is requested by the merchant or any other external gateway, the payment can be processed via Razorpay or external gateways.
Given below is the tokenisation flow when the merchant or external PA/PG is the Token Requestor:
- The customer initiates a payment using a saved card.
- The merchant retrieves the token data and passes it on to Optimizer.
- Optimizer passes the token data to the selected gateway.
- The payment is initiated and processed using the token data.
Watch Out!
If a merchant requests a token from a payment partner other than Razorpay and attempts to complete the transaction through another payment partner, please contact us at payments_optimizer@razorpay.com
. We'll assist you with the additional token attributes required by the payment partner to complete the transaction.
Below is the list of supported payment gateways and card networks that support tokenisation:
Watch Out!
-
Tokenisation for Amex and Diners card networks is an on-demand feature. Please raise a request with our
to get this feature enabled on your Razorpay account. -
Watch this video to know how to raise a feature enablement request on the Razorpay Dashboard.
-
Ensure that tokenization flags are enabled for all networks at the downstream gateway.
Was this page helpful?