Developer Guide Menu

Payment Network Tokenization

Payment network tokens are used throughout the financial network. Token service providers create these tokens to replace PANs. A payment network token is a unique identifier that is virtually impossible to reverse-engineer.
In the authorization request under the
paymentInformation
object:
  1. Obtain the payment network token value and the expiration date of the token from the token service provider.
  2. Under the
    tokenizedCard
    object, set the
    number
    field to the payment network token value.
  3. Set the
    expirationMonth
    and
    expirationYear
    fields under the
    tokenizedCard
    object to the payment network token expiration date.
  4. Include the payment network transaction type field,
    transactionType
    , under the
    tokenizedCard
    object. The only supported value is
    1
    , and it indicates that this is an in-app transaction.
  5. On CyberSource through VisaNet, you can choose to include the requestor ID field,
    requestorID
    , under the
    tokenizedCard
    object.
For in-app transactions, payment network tokenization uses some of the CyberSource payer authentication request fields. In these cases, additional payer authentication fields must be included for the various card types as described below.
For Visa requests:
  1. Set the
    commerceIndicator
    field under the
    processingInformation
    object to
    vbv or internet
    .
  2. Set the
    xid
    field under the
    consumerAuthenticationInformation
    object to the 3D Secure cryptogram of the payment network token.
  3. Set the
    cavv
    field under the
    consumerAuthenticationInformation
    object to the 3D Secure cryptogram of the payment network token.
For Mastercard requests:
  1. Set the
    commerceIndicator
    field under
    processingInformation
    object to
    spa
    .
  2. Set the
    ucafAuthenticationData
    field under the
    consumerAuthenticationInformation
    object to the 3D Secure cryptogram of the payment network token.
  3. Set the
    ucafCollectionIndicator
    field under the
    consumerAuthenticationInformation
    object to
    2
    .
For American Express requests:
The cryptogram for the American Express card type is either a 20-byte or a 40-byte binary value. For a 20-byte cryptogram, send the cryptogram in the
cavv
field.
  1. Set the
    commerceIndicator
    field under the
    processingInformation
    object to
    aesk
    .
  2. Set the
    cavv
    field under the
    consumerAuthenticationInformation
    object to the 3D Secure cryptogram of the payment network token.
For a 40-byte cryptogram, split the cryptogram into two 20-byte binary values (block A and block B). Send the first 20-byte value (block A) in the
cavv
field. Send the second 20-byte value (block B) in the
xid
field.
  1. Set the
    commerceIndicator
    field under the
    processingInformation
    object to
    aesk
    .
  2. Set the
    cavv
    field under the
    consumerAuthenticationInformation
    object to block A of the 3D Secure cryptogram of the payment network token.
  3. Set the
    xid
    field under the
    consumerAuthenticationInformation
    object to block B of the 3D Secure cryptogram of the payment network token.
Top