Behind the Retail Checkout: The Importance of Tokenization and Data Portability
A frictionless checkout experience and a need for data security and portability are crucial concerns for retailers and consumers alike. On one side, consumers demand payment optionality at checkout, while on the other, retailers strive to meet that challenge by utilizing various payment service providers (PSPs) and payment methods.
It’s no wonder then that at the heart of tokenization and data portability, payments play a pivotal role, as the total volume of tokenized payment transactions will surpass 1 trillion by 2026. When data breaches abound and PSP (payment service provider) restrictions exist, how can retailers prioritize tokenization and data portability to create a cohesive checkout and payment experience?
Tokenization for Optimization
Tokenization isn't new, but today’s retailers stand to benefit from the technology, as losses from online payment fraud will exceed $362 billion globally over the next five years. Why? Tokenization allows retailers to forego the traditional route of storing sensitive card details and replace that data with tokens that enhance security and portability.
These digital identifiers replace card data during transactions, ensuring bad actors cannot access and use the information. The tokens can also securely pass through multiple systems without worry as information is locked down.
Retailers that leverage network tokens also stand to benefit from increased authorization rates. In 2020, Visa’s Token Services showed an uplift of 3.2 percent in authorization rates. It’s important to note, however, that not all tokenization approaches are equal when it comes to tokens and data portability.
Data Portability Behind the Checkout
One of the main things retailers must consider with data portability is the restrictions that can come with growth. Retailers that tokenize card data with PSPs will find that card data is replaced with PSP-specific tokens sent on every request rather than relying on original card data.
Storing card data with a single PSP can severely limit data portability for retailers. Instead, retailers should utilize network tokenization, which extends on the idea of PSP tokens by allowing retailers to send card data to a network tokenization service to determine what scheme to connect with to issue a network token.
More importantly, retailers that take advantage of network tokens can quickly switch between different PSPs without worrying about migrating sensitive card data, which is vital for maintaining flexibility during changing market conditions.
How to Take Action
Retailers that want to capitalize on data portability need to consider who owns the token — the retailer or the PSP. For retailers that want maximum flexibility, an external vault is necessary for tokenization. An external vault generates tokens that belong to the retailer and can be taken anywhere, anytime. These tokens can also be used in a vault provider’s system or externally with a service provider to ensure that portability and ownership coexist for optimal agility.
Keeping card data within an independent cloud vault also allows retailers to instantly process card data with any PSP without migration issues, as a cloud vault securely stores card data and helps guarantee PCI compliance. Retailers can also use this data to process payments with any PSP, routing card data on demand to a preferred processor based on cost, preference, location and a multitude of other factors.
While understanding what goes on behind the customer checkout process isn't always easy, retailers that implement a comprehensive tokenization and data portability strategy will be able to decrease security threats while delivering a checkout experience that keeps customers coming back to buy.
John Lunn is the founder and CEO of Gr4vy, which provides cloud-based payment orchestration and infrastructure to empower merchants to manage and scale payments fast.
John Lunn is the Founder and CEO of cloud payment orchestration platform Gr4vy. He is a technology and fintech entrepreneur with 21 years of experience working and investing in financial services, commerce enablement, e-payments, data, security and infrastructure. Lunn worked as the Director of Technology for six years at CyberSource, the world’s first payment service provider, which was sold to Visa for $2Bn in 2010. He then helped found Passmark Security which was sold to RSA Security in 2006.
In 2006, Lunn joined PayPal as the fourth employee in the UK (now 2,000+), where as Global Director of Developer and Startup Relations, he built and grew PayPal’s first Developer Relations team. In 2015, he was instrumental to the purchase of Braintree by PayPal and joined the team. In 2016, Lunn was part of the team that launched PayPal Ventures, the venture capital arm of PayPal, a $350m fund with backing from the Board. Lunn was a Board Observer for Dosh, Arkose, Raise, Acorns, Toss and many others.