Funds-on-File Tokenization | B2B Finance Glossary
What is Funds-on-File Tokenization?
Funds-on-file tokenization is the process of securely storing customer payment information by replacing this sensitive information with an algorithmically generated number called a token. With a funds-on-file token, it’s possible to repeatedly and safely authorize, charge, and re-use a customer’s payment method without directly accessing their private information. In this way, it becomes almost impossible for another party to access this sensitive data.
Funds-on-file tokens can be passed through the internet or the various wireless networks needed to process a payment without exposing bank or credit card details.
How Does Funds-on-File Tokenization Work?
As we explained above, tokenization substitutes sensitive information with equivalent nonsensitive information. This non-sensitive information is referred to as a token.
Tokens are formed in a variety of ways:
- By using an index function or randomly generated number
- By using an irreversible function like a hash function
- By using a mathematically reversible cryptographic function with a key
Once the token is created, it replaces the sensitive information, which is stored safely in a centralized surfer known as a token vault. This vault is the only location where the original, sensitive information can be traced back to its corresponding token.
However, some tokenization is vaultless, and instead of being stored in a database, it is stored using an algorithm. If the token is a reversible token, then the original sensitive information is usually not stored in a vault where the information could potentially be tracked down.
Here’s a closer look at how tokenization works with a token vault:
- A customer will give his or her payment details through an online checkout portal
- The information is then switched with a randomly generated token which is created by the merchant’s payment gateway
- The original sensitive payment information is taken to a token vault in the merchant’s payment gateway, and the tokenized information is encrypted and sent to a payment processor
- The tokenized information is once again encrypted by the payment processor before it’s sent off for final verification.
Remember, the block is the only place where a token can be traced back to the original information it represents.
What is the Difference Between Funds-on-File Tokenization and End-to-End Encryption?
Tokenization protects card or bank information by replacing it with a stand-in token. On the other hand, end-to-end encryption encrypts cardholder data at the origin and then decrypts it at its final destination. End-to-end encryption examples include VPNs and certain messaging platforms such as WhatsApp.
Tokenization and encryption reduce the scope of PCI Compliance because they reduce the number of systems that have access to credit card information that belongs to customers. Both tokenization and end-to-end encryption are used in payment technology, but tokenization is much more cost-effective and secure.
Encrypted information can be mathematically reversed with a decryption key, but tokens cannot be reversed.
What are Some Examples of Tokenization?
Tokenization can protect all data types, including medical records, bank transactions, loan applications, stock trading, voter registration, car license information, criminal records, etc.
Any sensitive form of information can be tokenized. Still, tokenization is often used to protect credit card data, bank account information, and other sensitive data that goes through a payment processor.
Payment processes use cases for tokenization include the following: e-commerce sites, businesses that keep customer cards on file, and mobile wallets such as Android Pay and Apple Pay.
What are the Benefits of Tokenization?
Tokenization allows businesses to vault a customer’s payment information securely. With a funds-on-file token, users can securely authorize, charge, and re-use a customer’s payment method without accessing their private information directly. Here are the benefits of funds-on-file tokenization:
- Improved compliance. Tokenization means less red tape for your business. If you accept credit or debit cards, you must comply with the Payment Card Industry Data Security Standard (PCI DSS). Tokenization makes achieving and maintaining compliance with industry regulations significantly easier.
- Lower risk. Tokenized data is never stored on your system. Instead, it is housed off-site in a cloud-based server to eliminate security risks and liabilities.
- Increased security. Tokenization protects your sensitive information and makes it significantly less vulnerable to cyberattacks. Tokenization can also protect your data from those connected to your organization, such as your employees, contractors, vendors, and suppliers.
- Better compatibility and compliance. Funds-on-file tokenization is more compatible with legacy systems than end-to-end encryption. It also reduces the steps involved in complying with PCI DSS regulations for merchants.
More Convenience and Innovation
Tokenization helps make payments more seamless for customers and improves the security and convenience for customers across the board. It also helps integrate new payment technologies such as digital wallets, one-click payments, and digital assets into everyday payment options, helping to move the entire industry forward.