Guides
Go to payrails.com
Start typing to search…

Token Vault

What is tokenization?

Tokenization refers to the process of collecting sensitive payment information and returning a token that represents this information. When you tokenize with Payrails, we handle the sensitive payment information for you, so responsibility for PCI compliance remains with us.

For merchants, handling payment data securely to meet compliance standards and the security of the payment data are must, while ensuring a smooth payment experience is as critical. Token vaults simplify this process by storing sensitive payment data as secure tokens, allowing merchants to process transactions without ever touching the sensitive card details. This approach not only strengthens security but also enhances flexibility, scalability, and compliance in payment workflows.

Payrails Token Vault: PSP agnostic

With our Payrails PCI-DSS Level 1 compliant vault, you can tokenize your customers' payment information and minimize your PCI scope. Payrails Token Vault allows you to switch between any payment service providers at any time, without disrupting your customer experience or facing technical hurdles. Because your token vault is independent of any single payment processor, you’re not locked into any one provider—this means you can take advantage of better rates, improved service, or new features from other providers at any time.

Alongside security and compliance aspects, there are many benefits of tokenizing payment data, for example:

  • Your returning customers can use stored payment methods for a smoother checkout experience,
  • Tokenized payment methods are best performing in subscription or recurring payment scenarios (particularly when used with network tokens),
  • Because your token vault will be PSP agnostic, you will be able to switch between payment providers at any time automatically,
  • You can enable users to manage their saved cards and have control over their sensitive information.

How to use Payrails Token Vault?

There are 2 main ways to use Payrails Token Vault:

  1. Token Vault as a standalone module:

In the case that you want to manage third-party integrations within your system, such as payment providers or your travel partners, but only use our Vault for the storage and processing of the sensitive data via Payrails Vault, you can use our Vault as a proxy which collects the sensitive data via our SDKs and proxy connections with third parties, and pass the sensitive information to third parties without ever touching the sensitive data. If this is what you need, you will tokenize records in our vault.

You can tokenize any type of records, such as cards, network tokens, or a custom set of data that you would like to tokenize. You can use our secure SDK or proxy connections to store any data, and detokenize them when using in outbound connections with third parties or display them in our secure SDK. You can read more about records and about proxy connections and how to use them in our guides.

If you start using our Vault as a standalone module, you can always start using our other modules later, such as payment orchestration or analytics, at any moment in time.

  1. Token Vault as part of payment orchestration:

In this option, you integrate with our payment orchestration platform, where you have one single API integration to the Payrails API, which, in the background, Payrails manages all the provider integrations for you in a PSP-agnostic way. If this is your intention, you will be tokenizing payment instruments that are fully compatible with our payment orchestration platform.

You can see how to tokenize a user’s card information as a payment instrument in tokenize cards guide. After a user’s payment information is tokenized with Payrails, Payrails will return to you a payment instrument ID, which is a non-sensitive ID that you can use to refer to the actual instrument stored in our vault at any time. With instruments, we handle the complexity of using this information to make payments across different providers or networks. You only store a single Payrails payment instrument to process future payments, while we link all tokens to the instrument in which we orchestrate them in an optimized and configurable way. Read more about payment instruments and statuses in our guide to manage instruments.

Updated about 17 hours ago