Tokenization

Tokenization

▼ Tokenization
Payment with token (non-pass-through payment with the use of JavaScript) is a security service that minimizes the risk of data breaches. It completes the payment by converting the credit card number into a unique alphanumeric token.
By using tokenization service, you are able to process payments without touching credit card numbers.
*You send the credit card number entered by the customer, to us by linking JavaScript. With Tokenization we convert the credit card number into a unique alphanumeric token, return the token back to you, and then, process authorization with the token and the amount of money.

Advantages of Tokenization

  • ・It minimizes the risk of data breaches
    Tokenization enables payment processing without "storing", "processing" and "transmitting" credit card information, thus minimizing data breach risks. Even if the token is leaked, it itself has no meaning, and thus, it will not be illegally used on other websites.
    Tokenization is a processing method recommended by the "Action Plan 2018 for the Strengthening of Measures for Security in Credit Card Transactions" formulated by the Japan Consumer Credit Association.

    *Merchants are required to not retain card data or comply with PCI DSS based on Action Plan 2018.

  • ・It does not require significant changes in the system.
    As it allows to use the protocol/module connection type, you are able to provide your customers with secure payment environment without making them jump to the payment screen provided by us.

Data flow

  • Token is sent, Authorization…Token is sent, Authorization
Data flow of the token payment
  1. Purchase screen is displayed
  2. Credit card number is sent by linking JavaScript from html
  3. Token is returned
  4. Token is sent
  5. Authorization with the token and an amount of money is processed.
  1. Token is converted into the card number. Authorization is processed.
  2. Authorization result is returned
  3. Authorization result is returned
  4. Receipt page is displayed

Important notes

1. The token has an expiration date

Issued tokens will become no longer valid if a certain amount of time has lapsed or they have been used for payment once.

2. Browser environment

Browser-side tokenization requires JavaScript. Since POS terminals (and some feature phones) are not configured for using JavaScript, tokenization is not available.

3. Tokenization is available for credit cards payments and multi-currency credit card payments

Related information