Which Integrations Does TokenEx Support?
Does your business store sensitive data that needs to be secured and protected? If so, you are likely looking for a reputable tokenization provider. In this article, we will discuss the TokenEx Data Protection Platform, which integrations it supports, whether additional integrations can be used, and any limitations of TokenEx.
The TokenEx Data Protection Platform
Our Data Protection Platform is designed to help businesses offload the risk of storing sensitive data internally and provides a single point of integration for third-party organizations. Thus, TokenEx customers can safely and compliantly accept, store, and transfer sensitive data according to their business needs. This level of security and flexibility helps customers improve their payment acceptance rates and revenue opportunities and reduce latency and minimize their PCI footprint.
How Many Integrations Does TokenEx Have?
As for integrations, TokenEx can collect data from and send data to any third-party API. The only requirement is that the technology or service is API-based. However, if the integration is not via API, that doesn’t necessarily mean that we cannot work with it. It just means you may not receive the same benefits as our direct API-based integrations, such as the reduced risk and scope that results from our ability to capture data before it enters your environment. Indeed, this is because you will need to use another method to send data to TokenEx, which will likely require you to handle their sensitive data directly. Furthermore, we provide managed file transfer or MFT/batch, which customers mainly use to send data to us.
Which Integrations Are Built Into Our Platform?
TokenEx has 11 prebuilt payment gateway integrations for the Payment Services 2.0 API. These gateway integrations make it easy to process transactions based on your company’s needs. The Payment Services API is a maintenance-free, single point of integration offering rapid speed-to-market, international scalability, increased conversion rates, and more. Our current integrations include:
Services to Help Customers Get Started with TokenEx Integrations
TokenEx offers various services to help you set up your preferred integrations. This includes Network Tokenization, Account Updater, 3-D Secure, and Kount fraud prevention.
TokenEx provides network tokenization services as an On-Behalf-Of Token Requestor (OBOTR), which allows businesses, acquiring banks, and payment service providers to integrate with global Token Service Providers (“TSPs”) using a single API. Our randomly generated tokens will also reference the primary account number (PAN) and network tokens if a network token can be supplied for the PAN. Additionally, the TokenEx token can act as a fail-safe PCI token if global TSPs decline the tokenization request. Since not all card issuers and payment gateways support network tokens, the TokenEx token can be used to reference the PAN. The network token protects the customer from PCI DSS scope if the network token cannot be used for a PAN or transaction.
Our TokenEx Account Updater is a service that allows merchants to keep card-on-file details up-to-date and to receive updates when their customers’ bank card or expiration date changes. To use this service, we need a few items from customers. This includes the customer’s public IP address(es) to be whitelisted in our secure system, the customer’s TokenEx token scheme used to tokenize credit card PANs, and a single notification email address (for an individual or a group distribution list). Since this service is not enabled by default, customers can contact our client success team for assistance.
The TokenEx Iframe can begin the 3-D Secure (3DS) integration by performing device fingerprinting on the client’s browser. Device fingerprinting is the association of client browser attributes with a specific transaction. When 3DS is enabled for PCI or PCI with CVV modes, and a notification URL is provided, the tokenized response will include information regarding which 3DS version(s) the PAN supports. If a PAN supports device fingerprinting, a hidden iframe will be rendered in the same container as the PAN iframe, along with a script that will record and post the browser attributes to the card issuer and associate those attributes with the 3DS transaction ID.
When the ACS receives the browser attributes, the merchant will receive a notification URL. For payment authentication flows, notification receipts can be set up to send the authentication request to the card issuer via the TokenEx API. The TokenEx API manages the authentication request, challenge status, and 3DS version retrieval.
As for the TokenEx Payment Services API, this has various gateways that accept 3DS data. Businesses can use their 3-D Secure authentication result within an Authorization or Purchase request. The gateway will forward that information to the card issuer, stating that the transaction has been evaluated through the 3DS authentication process.
Kount Fraud Detection
At TokenEx, our preferred fraud-prevention partner is Kount, an Equifax company offering customers of both platforms a layered security solution to protect payments. Kount’s Fraud Management tools can analyze consumer spending and behavioral patterns to identify fraudulent transactions. As a result, this can help prevent false declines, chargebacks, and theft.
Clients will need to submit Kount’s proprietary token called KHASH as part of the Risk Inquiry Service. This enables clients to maximize the power of our partner’s Identity Trust Global Network. Since generating the KHASH requires access to the raw PAN, this can potentially introduce or reintroduce PCI scope. Luckily, TokenEx clients can use the TokenEx iFrame to capture the PAN and generate a TokenEx token and Kount KHASH while meeting PCI compliance. Indeed, allowing TokenEx to reduce the PCI risk and Kount to prevent fraud is an effective way to combat card-not-present fraud. A LexisNexis Risk Solution’s 2020 study found that medium to large U.S. businesses with physical goods reported 44 percent of losses due to card-not-present fraud and identity theft.
How Does TGAPI Work, and Can I Use It to Add More Integrations?
The Transparent Gateway API 2.0 (TGAPI) is a popular solution for organizations that need a customizable low-code (minimal effort) solution to send sensitive data to any API endpoint. This feature allows clients to easily integrate with their preferred processors, gateways, and other third-party technologies. TGAPI 2.0 can tokenize data received directly from third parties, tokenize up to 10 tokens per API call, and encrypt various data elements in an outbound message. Indeed, TGAPI 2.0 reduces the surface area businesses must secure to protect incoming sensitive data, establishing a more manageable risk footprint. Therefore, this feature reduces cost and complexity while also offering a limitless expansion of third-party acceptance channels without increasing the risk of PCI scope.
What Limitations Does TokenEx Have?
Like any technology, TokenEx has limitations. For example, if a client needs to work with a gateway that isn’t connected to our Payment Services API, this doesn’t mean we cannot work with that gateway. The client will need to use TGAPI to build a secure connection, thus allowing us to work with the gateway. This is just one example of our “limitations.”
TokenEx is a robust, flexible cloud-based tokenization provider that offers a wide range of expert services to help you achieve your business needs and goals, as well as reduce PCI scope and fraud risks. TokenEx services like Network Tokens, 3-D Secure, Account Updater, and Kount fraud prevention enable clients to add integrations that help improve their business operations, data security and protection, and success.