Kevin Burns, head of solution architecture at Vodat International, assesses the impact Visa and Mastercard’s plans to introduce a Token Management Service in 2015.
Since joining Vodat in May last year, the team and I have hotly debated tokenisation. Whilst considering whether to invest in our own solution, or work utilise the tokenisation of specialist PSPs, we noticed some significant changes coming downstream from the card brands.
It’s possible that you have missed these online commerce changes; more specifically, Visa and Mastercard’s plans to introduce a Token Management Service (TMS) in 2015.
What is TMS?
Tokenisation is the substitution of sensitive data for an equivalent with no exploitable value. TMS will provide the format for preserving these tokens.
With TMS, the token will be provided by the channel (store, online or mobile) and will be specific to either the transacting merchant or consumer’s mobile devices – whoever instigates the transaction. Each token has a finite life, which is varied based upon risk.
What does this mean for omnichannel retail?
Once the card brands have mandated use of their token services for eCommerce transactions, and mobile has become the dominant payment method (thanks to new NFC technology enabling high value contactless payments), retailers will lose the ability to see their customer.
Instead, they will see an avatar. This may last for a single transaction, or remain viewable for multiple transactions in a single channel. However, retailers will not be able to determine that an individual is shopping with them across multiple channels – unless they pay with Visa or Mastercard, or they’re a strict loyalty card user.
In addition, retailers will only be able to issue refunds in the channel that the transaction originated from, which will involve considerable consumer education.
But despite these logistical issues, TMS will further reduce the opportunity for fraud to take place, which is good news all round.
How will TMS impact retail technology providers?
For Vodat, the advent of TMS from Visa and Mastercard has proved we were right not to rush into building our tokenisation platform last year.
Now, our customers will not be disadvantaged by having our best of breed solution in their stores whilst someone else runs their eCommerce transactions. Indeed, they can currently benefit from channel by channel compliance to secure customer data.
Our next challenge is to decide whether to provide tokenisation using TMS from Visa and Mastercard, or assume all acquirers will eventually introduce this security measure, and look at the additional data fields we may need to accommodate.
Kevin Burns is head of solution architecture at Vodat International. For more information, visit The Payments Network