Network Token Life-Cycle Management

Life-cycle management is a key feature of credentials-on-file (COF) network tokenization. Issuers can keep COF network tokens updated as changes are made to their cardholders' accounts.
TMS
notifies you in real time when updates are made to a card represented by the COF network token in your
TMS
vault. Issuers push the life-cycle management updates either in real time or via a batch process to the card brands. Life-cycle updates and timelines will vary by issuer based on their update process. For example,
TMS
notifies you when a card becomes inactive.
There are two distinct types of life-cycle management events:
  • COF token status changes. Token statuses are:
    • ACTIVE
      : The account and network token are active and in good standing.
      When COF network tokens are active, merchants can process transactions according to their COF agreement.
    • SUSPENDED
      : This status is temporary for COF network tokens and can change to
      ACTIVE
      or
      DELETED
      . Merchants should not send authorizations on suspended tokens. However, these tokens can be re-activated by the issuer later. Suspended COF network token events are usually triggered according to cardholder instruction or flagged by the issuer for suspected fraudulent activity. When the status changes from
      SUSPENDED
      to
      ACTIVE
      or
      DELETED
      , a merchant receives a life-cycle management update.
      Merchants can proactively contact a cardholder to update the credential or have them contact the issuer to reactivate the credential.
    • DELETED
      : This is the final state for a network token. A network token can be deleted when the account is closed or on cardholder instruction.
      Merchants must request a new credential from the cardholder.
    • EXPIRED
      : This is a temporary status for COF network tokens where the token has passed its expiration date. This is not a status that results from a life-cycle management update.
      Cybersource
      does not process transactions with network tokens that have an
      EXPIRED
      status and merchants should not send transactions with network tokens that have an
      EXPIRED
      status. When the network token status is
      EXPIRED
      , there should be a life-cycle management notification to update the status of the token, or the merchant can submit a re-provision.
  • PAN updates to the COF network token:
    • NEW PAYMENT ACCOUNT NUMBER
      :  A new PAN has been provisioned for the network token.
      Merchants can retrieve the new PAN suffix (last four digits) and the new expiration date to store in their cardholder records.
    • NEW PAYMENT ACCOUNT EXPIRY
      : A new expiration date has been provided by the issuer associated with the PAN.
      Merchants can retrieve the new expiration date and store it in their cardholder records.