Token Vault
What is tokenization?
Tokenization refers to the process of collecting sensitive payment information and returning a token that represents this information. When you tokenize with Payrails, we handle the sensitive payment information for you, so responsibility for PCI compliance remains with us.
For merchants, handling payment data securely and meeting compliance standards are a must, while ensuring a smooth payment experience is just as critical. Token vaults simplify this process by storing sensitive payment data as secure tokens, allowing merchants to process transactions without ever touching the sensitive card details. This approach not only strengthens security but also enhances flexibility, scalability, and compliance in payment workflows.
Payrails Token Vault: PSP agnostic
With our Payrails PCI-DSS Level 1 compliant vault, you can tokenize your customers' payment information and minimize your PCI scope. Payrails Token Vault allows you to switch between any payment service providers at any time, without disrupting your customer experience or facing technical hurdles. Because your token vault is independent of any single payment processor, you’re not locked into any one provider—this means you can take advantage of better rates, improved service, or new features from other providers at any time.
Alongside security and compliance aspects, there are many benefits of tokenizing payment data, for example:
- Your returning customers can use stored payment methods for a smoother checkout experience,
- Tokenized payment methods perform best in subscription or recurring payment scenarios (particularly when used with network tokens),
- Because your token vault will be PSP agnostic, you will be able to switch between payment providers at any time automatically,
- You can enable users to manage their saved cards and have control over their sensitive information.
How to tokenize cards via Payrails
You can tokenize a user’s card information in Payrails Token Vault in multiple ways, depending on the flow(s) that your business needs. For example, you might allow your customers to store a card outside of a payment flow, store a card only after a payment is successful, do both, or use a similar flow. We explain how to tokenize a payment instrument to achieve such flows in this guide to tokenize cards.
Regardless of the flow being used, Payrails will return to you a payment instrument ID, which is a non-sensitive ID that you can use to refer to the actual instrument stored in our vault at any time. You can also manage the lifecycle or delete instruments. Read more about payment instruments and statuses in our guide to manage instruments.
After a user’s payment information is tokenized with Payrails, we handle the complexity of using this information to make payments across different providers or networks. You only store a single Payrails payment instrument to process future payments, while we link all tokens to that instrument and orchestrate them in an optimized and configurable way.
Choosing the right tokenization method
Payrails offers multiple ways to tokenize the card information, depending on the PCI DSS scope you are willing to own, the requirements about the level of control you need on your checkout page, and ease of implementation. You can refer to this guide to read more about how to choose the right integration method.
All of our client-side SDKs, as well as our client-side encryption solution, leverage our PCI-compliant token vault and enable you to minimize your PCI scope. However, if you want to collect and tokenize card data yourself, you can also integrate with Payrails using only our API, which also ensures the maximum level of security with encrypted objects when passing sensitive data. To read more about how it works, refer to this guide. For more details about implementing our tokenization, see our guides here.