Usage of tokens in the digital payment world was designed to replacing sensitive data with a non-sensitive digital data equivalent. This tokenization process is a way to protect your cardholder sensitive data by exchange it with secure data, called a token. The sensitive data includes a 16 digit card number, card verification number, and card expiry date which must be exchanged with a digital token that serves as a unique reference to the card. This token will be used by Digital Wallet provides (e.g. Apple Pay, Google Pay) to initiate the authorization request to the card network, and it will be used by the card network to lookup the card information before they send it to the issuer institution.
You can provision your card information to Apple Pay by taking a picture of your payment card. Apple sends card details to the card network and issuer to do authentication. Upon successful authentication, your Apple device replaces payment card details with a series of randomly generated numbers (or pay tokens) and store this information in a secure location (Secure Element-SE). Other non-sensitive information is visible via the Apple device app - WALLET.
In google pay, tokenization works in a similar flow as apple pay. Google will store this information in a secure location, Host Card Emulation (HCE).
As the original PAN of the card is never stored on the end user's mobile device. Payment of transaction will be made by payment token that has been securely stored.
Nium offers a card tokenization process, enables you to provide cardholders with a secure and convenient way to store and use their payment cards within their mobile and wearable devices.
Nium supports 2 methods for provisioning a token, to exchange a payment card into a token within the digital wallets.
This method allows your customer to enter the card data directly into the digital wallet in their mobile or wearable device. It requires your customer to type in card information or take a photo of a physical card.
This method allows seamless provisioning to your customer. It requires you to develop the SDK for various mobile operating systems. You can use Nium iOS and Android SDKs to reduce your development timeline, this will eliminate a need for your mobile application to integrate separately with Google/Apple SDK while integrating with Nium API on the card program. However, you still need to go through UI/UX certification required by Apple/Google.
Apple or Google has their own timeline on the certification process of your mobile app. You need to manage it directly with Apple or Google.
Updated about 2 months ago