Payment Tokenisation

Eliminating payment data from your network is the best way to help ensure that your customer's sensitive payment information is safe. CyberSource Tokenisation replaces sensitive payment data with a unique identifier or token that cannot be mathematically reversed. The actual payment data is securely stored in CyberSource data centres which are operated by Visa Inc. Typically, the token will retain the last four digits of the card as a means of accurately matching the token to the payment card owner, enabling you to run your operations without card data in your environment.


  • Payment data stored in secure CyberSource data centres and exchanged
    for a safe token
  • Tokens generated using proprietary algorithms and cannot be
    mathematically reversed
  • Token format fits legacy payment card data fields
  • Tokens support all payment actions and checkout models including one-
    time authorisation, capture and settlement, recurring and subscription
    billing, credit and partial credit, split capture, reauthorisation, and
    standard checkout


  • Reduces PCI DSS scope
  • Renders payment card data meaningless to hackers
  • Reconciles chargebacks and payments without handling payment data
  • Works with your current systems and processor/acquirer

Implementation Guides

Payment Tokenization with the SCMP API
Payment Tokenization with the Simple Order API

Featured Resources:

Payments and Security Brochure

Learn more about Payment Security: