2. KnowSystem
  3. Tokenization

Tokenization

Card on File

This section applies to transactions that are first initiated by the cardholder where 3D secure is enforced, whereafter monthly debits can be processed by the merchant. The same principle may be applied for the Batch (product) recurring transactions, even though in the below example we have used a second Enterprise application ID which is not 3DS enforced.


CIT with 3D Secure

 

First 3DS Transaction

When performing your first transaction using application id: 00000000-263b-4315-b2cd-000000000000, the gateway will return the TransactionIndex, masked PAN and Expiry Date, which you will need to store in your database.


The following field response values need to be stored on your database, linked to the card holder details.

  • TransactionIndex
  • PAN
  • ExpiryDate


Subsequent - Recurring Transactions

Now comes the time you want to debit the same card.  You will need to pass the following using application id 01010101-7694-4343-95EE-010101010101 which is not 3DS enforced.

Note that this is a different Application ID to the one used for initial transaction but must reside within the same user group.


For this transaction you need to also include the following fields on your request:

  • PANFormat: This must always be fixed to TransactionIndex
  • PAN: You must provide the previous transaction ‘s response value. The masked PAN must be populated.
  • ExpiryDate: You must provide the previous transaction ‘s response value.

The combination of the above are used by the gateway to retrieve the missing digits of the card. Should the above not match to the previous transaction then your transaction will fail.


Subsequent Recurring Transaction Message

In the sample below "CardholderPresence" is set by the merchant on the Debit instruction:


 

REST

SOAP

{

    "Version": "2.0",

    "CertificateID": "{5c4b9c74-0063-4240-9cff-f730675c5bd0}",

    "ProductType": "Enterprise",

    "ProductVersion": "WebAPI",

    "Direction": "Request",

    "Transaction": {

        "ApplicationID": "{d8d5a94-8fa0-428d-a539-3a5baf166f7f}",

        "Command": "Debit ",

        "Mode": "Test",

        "MerchantReference": "Ned20221214_1117",

        "Currency": "ZAR", 

        "Amount": "1600",

        "ExpiryDate": "1230",

        "PAN": "4242........4242",

        "CardholderPresence": "Recurring",

        "PANFormat": "TransactionIndex",

        "TransactionIndex": "7C256903-9097-41AE-81B6-54681B33301F"

        

 

    }

 

<soap:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"

  xmlns:xsd="http://www.w3.org/2001/XMLSchema" 

xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">

  <soap:Body>

  <Execute xmlns="http://iveri.com/">

  <validateRequest>false</validateRequest>

  <protocol>V_XML</protocol>

  <protocolVersion>7.0</protocolVersion>

  <request>

    &lt;V_XML Version="2.0" CertificateID="{5c4b9c74-0063-4240-9cff-f730675c5bd0}" 

    ProductType="Enterprise" ProductVersion="iVeriWebService"

 Direction="Request"&gt; &lt;Transaction ApplicationID="{6d8d5a94-8fa0-428d-a539-3a5baf166f7f}" Command="Debit" Mode="Test"&gt;

    &lt;MerchantTrace&gt;24AZNXBEEE&lt;/MerchantTrace&gt;

    &lt;Amount&gt;2000&lt;/Amount&gt;

    &lt;Currency&gt;ZAR&lt;/Currency&gt;

    &lt;ExpiryDate&gt;042024&lt;/ExpiryDate&gt;

    &lt;MerchantReference&gt;20220104.0931&lt;/MerchantReference&gt;

    &lt;CardholderPresence&gt;Recurring&lt;/CardholderPresence&gt;

    &lt;PANFormat&gt;TransactionIndex&lt;/PANFormat&gt;

    &lt;TransactionIndex&gt;7C256903-9097-41AE-81B6-54681B33301F&lt;/TransactionIndex&gt;

    &lt;PAN&gt;4242........4242&lt;/PAN&gt;

    &lt;/Transaction&gt;&lt;/V_XML&gt;

</request>

  </Execute>

  </soap:Body>

  </soap:Envelope>

 

REST Response

SOAP Response

{

    "Version": "2.0",

    "Direction": "Response",

    "Transaction": {

        "Amount": "1600",

        "AuthorisationCode": "811045",

        "CCNumber": "4242........4242",

        "Currency": "ZAR",

        "ExpiryDate": "122030",

        "MerchantReference": "Ned20221214_1117",

        "Terminal": "Default",

        "TransactionIndex": "{550B0E5C-AA2A-4A46-B7A4-9543338188D6}",

        "MerchantName": "iVeri Payment Technology",

        "MerchantUSN": "7771777",

        "Acquirer": "NBPostilionNBSouthAfrica",

        "AcquirerReference": "95713:04649948",

        "AcquirerDate": "20230109",

        "AcquirerTime": "091725",

        "DisplayAmount": "R 16.00",

        "BIN": "4",

        "Association": "VISA",

        "CardType": "Unknown CardType",

        "Issuer": "Unknown Issuer",

        "Jurisdiction": "International",

        "PAN": "4242........4242",

        "PANMode": "Tokenized",

        "ReconReference": "04649948",

        "CardHolderPresence": "CardNotPresent,Recurring",

        "MerchantAddress": "MERCHANT ADDRESS",

        "MerchantCity": "Sandton",

        "MerchantCountryCode": "ZA",

        "MerchantCountry": "South Africa",

        "DistributorName": "Nedbank",

        "ApplicationID": "{6D8D5A94-8FA0-428D-A539-3A5BAF166F7F}",

        "Command": "Debit",

        "Mode": "Test",

        "RequestID": "{3ED8E51C-24AC-4959-8E8E-F3952DEF019A}",

        "Result": {

            "Status": "0",

            "Code": "0",

            "Description": "",

            "AppServer": "105IVERIAPPPR1N",

            "DBServer": "105iveridbpr01n",

            "Gateway": "Nedbank",

            "AcquirerCode": "00",

            "AcquirerDescription": ""

        }

    }

}

 

<?xml version="1.0" encoding="utf-8"?>

<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/" 

xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema">

    <soap:Body>

        <ExecuteResponse xmlns="http://iveri.com/">

            <ExecuteResult>&lt;V_XML Version="2.0" Direction="Response"&gt;

  &lt;Transaction ApplicationID="{6D8D5A94-8FA0-428D-A539-3A5BAF166F7F}" Command="Debit" Mode="Test" RequestID="{24A1FCA2-69F0-41ED-B5B7-AB07521EE5B6}"&gt;

    &lt;Result Status="0" Code="0" Description="" AppServer="105IVERIAPPPR2N"

 DBServer="105iveridbpr01n" Gateway="Nedbank" AcquirerCode="00" 

AcquirerDescription="" /&gt;

    &lt;MerchantTrace&gt;24AZNXBEEE&lt;/MerchantTrace&gt;

    &lt;Amount&gt;2000&lt;/Amount&gt;

    &lt;AuthorisationCode&gt;811887&lt;/AuthorisationCode&gt;

    &lt;CCNumber&gt;4242........4242&lt;/CCNumber&gt;

    &lt;Currency&gt;ZAR&lt;/Currency&gt;

    &lt;ExpiryDate&gt;042024&lt;/ExpiryDate&gt;

    &lt;MerchantReference&gt;20220104.0931&lt;/MerchantReference&gt;

    &lt;Terminal&gt;Default&lt;/Terminal&gt;

    &lt;TransactionIndex&gt;{C888BD10-0474-495B-84E7-A113C4C74C76}&lt;/TransactionIndex&gt;

    &lt;MerchantName&gt;iVeri Payment Technology&lt;/MerchantName&gt;

    &lt;MerchantUSN&gt;7771777&lt;/MerchantUSN&gt;

    &lt;Acquirer&gt;NBPostilionNBSouthAfrica&lt;/Acquirer&gt;

    &lt;AcquirerReference&gt;95713:04649951&lt;/AcquirerReference&gt;

    &lt;AcquirerDate&gt;20230109&lt;/AcquirerDate&gt;

    &lt;AcquirerTime&gt;093127&lt;/AcquirerTime&gt;

    &lt;DisplayAmount&gt;R 20.00&lt;/DisplayAmount&gt;

    &lt;BIN&gt;4&lt;/BIN&gt;

    &lt;Association&gt;VISA&lt;/Association&gt;

    &lt;CardType&gt;Unknown CardType&lt;/CardType&gt;

    &lt;Issuer&gt;Unknown Issuer&lt;/Issuer&gt;

    &lt;Jurisdiction&gt;International&lt;/Jurisdiction&gt;

    &lt;PAN&gt;4242........4242&lt;/PAN&gt;

    &lt;PANMode&gt;Tokenized&lt;/PANMode&gt;

    &lt;ReconReference&gt;04649951&lt;/ReconReference&gt;

    &lt;CardHolderPresence&gt;CardNotPresent,Recurring

&lt;/CardHolderPresence&gt;

    &lt;MerchantAddress&gt;MERCHANT ADDRESS&lt;/MerchantAddress&gt;

    &lt;MerchantCity&gt;Sandton&lt;/MerchantCity&gt;

    &lt;MerchantCountryCode&gt;ZA&lt;/MerchantCountryCode&gt;

    &lt;MerchantCountry&gt;South Africa&lt;/MerchantCountry&gt;

    &lt;DistributorName&gt;Nedbank&lt;/DistributorName&gt;

  &lt;/Transaction&gt;

&lt;/V_XML&gt;</ExecuteResult>

        </ExecuteResponse>

    </soap:Body>

</soap:Envelope>

 


Note in the above response you will receive a new TransactionIndex, each time a recurring payment is made, you can keep the new Transaction and daisy chain or use the original/first transaction



CIT - MOTO & COF

 

First Transaction

When performing your first transaction using application id: 00000000-263b-4315-b2cd-000000000000, the following options are available in


COF and Debit with PAN

Process a COF transactions by setting CardholderPrense to “MOTO, COF” and providing the full card details.

  • CardholderPresence": "MOTO, COF”
  • PAN:  
  • ExpiryDate: 


COF and Debit with TransactionIndex 


Process a COF transactions by setting the PANFormat and “Sanitised/tokenised card details. 

  • PANFormat 
  • PAN:  
  • ExpiryDate: 
  • TransactionIndex 


The gateway will return the TransactionIndex, masked PAN and Expiry Date, which you will need to store in your database. The following field response values should be stored on your database, linked to the card holder details.

  • TransactionIndex
  • PAN
  • ExpiryDate


Subsequent/COF Transaction

Now comes the time you want to debit the same card.  You will need to pass the following using application id 01010101-7694-4343-95EE-010101010101 which is not 3DS enforced.

Note that this is a different Application ID to the one used for initial transaction but must reside within the same user group.


For this transaction you need to also include the following fields on your request:

  • PANFormat: This must always be fixed to TransactionIndex
  • PAN: You must provide the previous transaction ‘s response value. The masked PAN must be populated.
  • ExpiryDate: You must provide the previous transaction ‘s response value.


The combination of the above are used by the gateway to retrieve the missing digits of the card. Should the above not match to the previous transaction then your transaction will fail.

 

MIT - Recurring & MOTO

 

First Transaction

When performing your first transaction using application id: 00000000-263b-4315-b2cd-000000000000, the gateway will return the TransactionIndex, masked PAN and Expiry Date, which you will need to store in your database.


Debit with PAN

Process a COF transactions by setting CardholderPrense to “MOTO, Recurring ” and providing the full card details.

  • CardholderPresence": "MOTO, Recurring”
  • PAN:  
  • ExpiryDate: 


Debit with TransactionIndex 


Process a Recurring transactions by setting the PANFormat and “Sanitised/tokenised card details. 

  • PANFormat 
  • PAN:  
  • ExpiryDate: 
  • TransactionIndex 



The following field response values need to be stored on your database, linked to the card holder details.

  • TransactionIndex
  • PAN
  • ExpiryDate


Subsequent - Recurring Transactions

Now comes the time you want to debit the same card.  You will need to pass the following using application id 01010101-7694-4343-95EE-010101010101 which is not 3DS enforced.

Note that this is a different Application ID to the one used for initial transaction but must reside within the same user group.


For this transaction you need to also include the following fields on your request:

  • PANFormat: This must always be fixed to TransactionIndex
  • PAN: You must provide the previous transaction ‘s response value. The masked PAN must be populated.
  • ExpiryDate: You must provide the previous transaction ‘s response value.
  • CardholderPresence: must be set to “Recurring”

The combination of the above are used by the gateway to retrieve the missing digits of the card. Should the above not match to the previous transaction then your transaction will fail.

Network Tokens


What is Tokenisation?

Tokenization is a process in which the customers sensitive card information is replaced by a unique identifier ("token") which can be used to make online payments. 

What are Network Tokens?

Card Networks like Visa, Mastercard offer tokenization services, where the card network holds the card number (PAN) and replaces with a network token which can be used to effect online payments.

Benefits of Network Tokens

  • Seamless checkout experience and reduced customer friction as the payment token is carried across the payment ecosystem 
  • Reduces transaction failures attributed to expired or stolen cards

iVeri Gateway Token Vs Network Token

  • Network Tokens - Merchants or Payment Service Providers can do a direct integration for tokenization services with the card networks and only make use of the network token during payment instruction to the iVeri Gateway 
  • iVeri Tokens - Merchants processing iVeri tokenised transactions can be enabled for network tokens, the iVeri Gateway will manage the tokenRequest onbehalf of the merchant to the brand networks.

Use Cases

  • Online, ecommerce merchants where card acceptance is processed on web or mobile applications
  • Where merchants have customer profiles, along with card on file payment credentials