A Tokenization Tidal Wave is Coming. Are You Ready?

Nitin Prabhu
Aug 31, 2018 · 4 min read

When PayPal first began, shopping online was in its infancy. The value proposition of security and convenience, coupled with the ability to sell to people around the world, enabled PayPal to become one of the most trusted brands in online shopping.

With the rise of mobile, the commerce landscape is quickly evolving — getting better, faster and smarter. Mobile and connected devices are creating unique monetization models, engaging customer experiences and new data flows — enabling businesses and consumers to interact in new ways. This however, creates new challenges that need to be solved in order to continue to enable seamless and secure commerce.

The underlying reason that still connects consumers and businesses is payments — it’s what motivates businesses to create amazing experiences for consumers to enjoy. Without a seamless and secure payment platform consumers may not feel comfortable transacting on a site, no matter how amazing the experience is.

As with any new change, there is a need for existing infrastructure to make way for new technology. For decades, the card number (also known as PAN) has been used for commerce. Because of evolving payment experiences, potential security risks and the continued sophistication of fraudsters — we need to evolve as an industry and stay ahead to continue to deliver a convenient and safe commerce experience.

For example, if a consumer’s card data is compromised, it can have negative consequences for both the consumer and the business. Often, a consumer has to go through the hassle of ordering a new card, waiting for the card to arrive and then updating their card information across all the sites where they shop. Additionally, consumers who have recurring billing set up may miss payments, or incur additional fees due to missed payments.

For businesses, if a customer’s card is blocked for reasons like fraud, they have to decline the transaction, resulting in a bad experience for their customer and lost sales. Even if the business had implemented the best risk and fraud tools, a card compromise at another merchant could impact their business.

Tokenization, a concept introduced by the networks as part of the EMVCO framework, in partnership with the larger ecosystem, helps address many of these issues. And we see a great future there. PayPal provides a simple API interface that allows businesses to leverage tokenization as one of the many benefits of integrating into PayPal’s payment platform.

In the most simplistic terms, tokenization creates an alternate card number for your actual card number (or PAN as referenced above) which is shared with merchants and thus limits access to a customers’ financial information. Coupled with other concepts like step-up authentication, contextual data of the transaction and cryptography, tokenization makes the payment experience more secure. As we are seeing in the in-store world, replacement of the traditional magnetic swipe with EMV chip cards has reduced fraud, but it is also driving the fraudsters to potentially target consumers in other ways. Tokenization enables the ecosystem to be more secure, create richer experiences and more efficient payment processing.

Tokenization has the potential to be a win-win for all players.

  • For consumers, it creates more engaging experiences, where consumers can see the actual credit card art instead of deciding which card to use based on the last four numbers or nicknames of cards. It also adds another layer of protection so consumers know that there are multiple layers in place to protect their information. Finally, if something happens to a consumer’s card, or if it expires, banks can seamlessly replace the token across all relevant businesses without the consumer needing to update their card.
  • For businesses, they may see higher approval rates as cards are refreshed as part of the life cycle events and banks are able to make better risk decisions due to contextual data.
  • For the payments industry and banks specifically, it enables improved presentment of their brand to create familiarity for the customer. It also helps manage losses and improves the approval rate of transactions due to better visibility into transactions.

As with any new technology, transition to and adoption of Tokenization is complex. At PayPal and Braintree, we can tokenize cards to help keep payment information accurate, show card art to consumers to create better experiences and improve the transaction approval rates. We are excited about the security that tokenization provides and believe it will ultimately be as ubiquitous as PAN. The PAN is still relevant as it helps with many critical payment operations like risk management, which has been built over the last several decades.

Of course, this standardization comes with partnership. We talk with our partners to understand systems and processes that may have been built over the years to optimize to their needs. Let us know how we can help you with yours. If you want to learn more or share ideas, we would love to listen: BraintreeExtend@getbraintree.com.

PayPal Engineering

The PayPal Engineering Blog

Nitin Prabhu

Written by

Nitin is Global Product Head: Issuance, Tokenization, Loyalty & Engagement Platform at PayPal. He is active advisor, mentor & investor in the startup community.

PayPal Engineering

The PayPal Engineering Blog