Payment Tokenisation Payment transactions are more secure due to the concept of Payment Tokenisation. The Payment Tokenisation Specification provides an interoperable Technical Framework that will benefit Acquirers, Merchants, Card Issuers, and Cardholders. This Technical Framework describes a global Payment Tokenisation ecosystem that overlays and interoperates with existing payment ecosystems to support digital commerce and new methods of payment.
| Version | Published | Description | Related Bulletins |
|---|---|---|---|
| 1 | 10 Mar 2014 | EMV® Payment Tokenisation Specification – Technical Framework | See All |
EMVCo has established a Token Service Provider Code (“TSP Code”), which is a 3 digit code assigned to Token Service Provider (“TSP”) and maintained by EMVCo. The TSP Code is included in the Token Requester ID, which uniquely identifies the pairing of Token Requester with the Token Service Provider. This helps achieve transparency of the entity that provided the Payment Token.
EMVCo has established a BIN Controller Identifier Registration (“BIN Controller ID”), which is a 4 character value assigned to a BIN Controller for purposes of Payment Account Reference (PAR) governance, with registration being maintained by EMVCo.
| Version | Published | Description |
|---|---|---|
| 1 | 15 Nov 2016 |
EMVCo White Paper on Payment Account Reference |
| 1 | 31 Oct 2016 |
Webinar: Payment Account Reference (PAR) |
| 1.1 | 21 Oct 2016 |
EMV® Level 3 Testing Framework – Process Enhancements |
| 1 | 18 Mar 2015 |
Bulletin nº 001, Formal Adoption of Level 3 |
Q: What is an EMVCo compliant payment token?
A: A payment token based upon EMVCo Specifications is a reversible token generated at the payment issuer level. This means that the reversible token can be securely mapped back to its original card account number by the provider of the payment token and authorised entities only. It is used as part of the payment chain and, when submitted in a transaction to the payment system, would cause a payment to occur. The tokenisation process happens in the background in a manner that is typically invisible to the consumer. Such tokens could be used by merchants or digital wallet operators, and can be stored in EMV® chip cards and NFC devices. The payment tokens are restricted to specific domains. For example, a token may be usable only within the e-commerce acceptance channel at a specific merchant. An additional payment token capability is the ability to unlink the token from the original card account number in case that token is either no longer needed, or a mobile device or card has been lost or stolen. Payment tokens will be of particular value in card-not-present transactions, as well as in mobile devices and other form factors.
Q: What is the first work item to be progressed by EMVCo?
A: EMVCo has released the EMV® Payment Tokenisation Specification – Technical Framework v1.0.Available to download from the EMVCo website without charge, the technical document provides the payments community with the framework to facilitate consistent, secure and globally interoperable digital payments when using a mobile handset, tablet, personal computer or other smart device.
Q: What will I learn from reading the EMV® Payment Tokenisation Specification – Technical Framework v1.0?
A: The document provides readers with a clear insight into EMVCo's work and remit to standardise payment tokenisation and encourage global interoperability. It describes the payment tokenisation landscape, the key entities necessary to support payment tokenisation, the data fields that can be implemented to support a tokenisation service and the benefits of adopting a unified approach, as well as delineating several payment token use cases. From a technical perspective, the document explains the role of the specification in facilitating broad-based acceptance of a payment token as a replacement for a traditional card account number. This includes data message formats to ensure the interoperability of payment tokens and the consistent approach that should be used to route and authenticate a payment token. The framework also explains how security can be improved by limiting payment tokens for use in a specific environment, and how an existing ecosystem can advance to become globally interoperable. In addition, Section 1 of the EMV® Payment Tokenisation Specification – Technical Framework v1.0 provides defined terms and other useful information relevant to parties new to payment tokenisation.
View all related FAQs (PDF)Draft Specifications and Bulletins are shared with EMVCo Associates and Subscribers, who provide feedback and submit Queries. They are also eligible to attend relevant meetings to discuss the Specifications.
