For most merchants, more sales channels translates to more sales. Giving buyers the option to buy when and where they’re ready is advantageous in today’s competitive environment.
However, even as customers’ buying journeys become more complex, their expectations for a simple shopping experience continue to rise. They want fewer requests for usernames and passwords; fewer requests for non-essential information; and an end-to-end checkout process of four minutes or less. If their expectations aren’t met, they’re more than willing to abandon their carts (or leave a store) and find another business that will provide a better experience.
Omni-channel tokenization is one way that merchants can go above and beyond to provide a fast and easy checkout process across all their sales channels. It takes the basic concept of payment tokenization and applies it everywhere a merchant does business – be it online, in person, over the phone, or even on a mobile app.
What is Omni-Channel/Cross-Channel Tokenization?
Omni-channel tokenization is a process in which a token is created the first time a customer uses a credit or debit card with a particular merchant. This token is stored on the merchant’s local system, but the card number, CVV code, and expiration date are stored in the tokenization provider’s off-site vault. The merchant doesn’t have to worry about their customers’ credit card data being stolen in a breach, while simultaneously reducing their compliance requirements for faster and easier PCI reporting. Meanwhile, they can re-use the original payment token any time the customer comes back for another purchase. The customer won’t have to re-enter their card details; they can simply choose which previously stored payment method they’d like to use for each new transaction.
While some tokenization services only allow their tokens to be used on the same, originating channel, omni/cross-channel tokenization allows the tokens to be used anywhere within the same business. For instance: if the customer completes their first transaction in-store, using a company’s EMV (chip card) terminal, the resulting token can be used later when the customer buys another product on their website. Or, if they make their first purchase through an emailed invoice, the token can be put in a digital wallet and Customer Service can charge the card on file when the customer calls a few weeks later to re-order.
How Does Cross-Tokenization Impact PCI Compliance?
Tokenization is a PCI-approved method for protecting cardholder data. The PCI Security Standards Council does recommend that merchants specifically consider “the transmission from the point-of-capture (e.g., point-of-sale system) to the authorization endpoint, [and] how tokens are retained for use.” That means that before you implement a cross-tokenization system, you should ask the tokenization provider:
- Whether their tokens are reversible or irreversible
- Whether the tokenization process takes place at the source, or whether the data is sent to a tokenization product that generates and returns a token back to the merchant’s system
- Whether the tokenization process occurs before or after the card is authorized
- Whether the tokenization platform has been validated by PCI (vendors who have successfully completed a PCI security audit can be found on the Visa Global Registry of Service Providers).
It’s also crucial to consult with a PCI QSA (Qualified Security Assessor) before adding a tokenization solution to your payments infrastructure; they are the only approved way to confirm the potential impact of a new technology on your compliance requirements.
Discover Omni-Channel Tokenization Solutions for Faster, Easier Credit Card Payments Everywhere You Do Business
Curbstone’s cross-channel tokenization software lets you use the same credit card tokens across all your sales channels. Use the same token for e-commerce transactions, retail transactions, MOTO (mail order and phone order) sales, and even URL payment links. You get everything you need for repeat transactions and refunds – without having to ask your customer for their card again, or without having store sensitive data on your own system.
Ready to see it in action? Contact us to learn more about fast, secure omni-channel payments.
