The secure tokenization of cardholder data to reduce the
risk of data breaches and minimize the cost and scope of regulatory compliance is
the foundation of TokenEx’s Cloud Security Platform. Additionally, our flexible,
transparent integrations allow for superior functionality and compatibility with
third-party solutions. One such capability is our support for account updater
services, which enables our customers to maintain up-to-date cardholder data
without reintroducing PANs or other sensitive card information to their
An account updater service exchanges account information
updates between card issuers and acquirers (or service providers) for
credential-on-file merchants. The account updater service provider will pass
the account updater files to the credential-on-file merchants to provide the
merchant with up-to-date payment card information, creating a more seamless
payment process as cards expire and new cards are issued. Account updater can
also be offered as a real-time service via an API. This real-time account
updater service allows the merchant to refresh card details at the time of a
customer’s transaction, which can be beneficial for non-subscription merchants.
Typically, merchants store data from multiple card brands,
so the account updater service provider will have to inquire for all brands
included in the merchant’s updater inquiry file. The account updater service
provider will pass on the request for each card to the corresponding card
network, who will find the issuer for each card to retrieve the updated card
information. This information is then compiled into an updater file (an API
response if the request was real-time) that is returned to the service provider
and ultimately to the merchant.
The Vault Updater solution is the managed file transfer (MFT)
functionality that allows customers to utilize any account updater service in line
with their universal TokenEx token vault. Vault Updater synchronizes our
customers’ universal token vaults with their account updater service,
preventing the disruption of the standard payment process due to outdated card
information. TokenEx Vault Updater also ensures that our customers can keep
their cardholder data up to date without ever touching a PAN, minimizing their
PCI scope and mitigating the risk of a data breach.
TokenEx’s support of account updater services essentially uses our
standard MFT—a batch-file process that uses the secure file transfer protocol (SFTP)
to transmit data. The only difference is the addition of an updater inquiry
file at the beginning of the process. Here’s an example of a typical data flow for
an account updater integration:
sends an updater inquiry file to TokenEx containing the tokens the customer
wants to update via SFTP.
- TokenEx detokenizes the updater inquiry file.
- TokenEx sends the updater inquiry file to the
account updater service provider via SFTP.
- The service provider compiles the updater file and returns it to
TokenEx via SFTP.
- TokenEx tokenizes all of the PANs in the file.
- TokenEx returns the tokenized updater file to the customer via
That’s it. The new PANs from the updated
accounts are tokenized and safely stored so our customers’ business-as-usual
process can continue uninterrupted. With TokenEx’s Vault Updater support,
customers can choose any account updater service or services they desire to synchronize
their token vaults with account updater.