EMV Token Vault
Tokenization is a process of removing consumers’ primary account numbers (PANs) from the transaction process and replacing them with a unique identifier called tokens. This reduces the appeal of stealing these credentials as they would be largely useless to hackers. seaVAULT is a proven, secure token vault application that can be configured to operate in two modes of operations.
By default, seaVAULT operates as a merchant token vault application, designed to protect sensitive information or cardholder data when it is stored (‘at rest’), before and after a transaction has been completed. It reduces the risk and impact of a data breach and prevent fraudsters from hijacking PAN data through phishing attacks, malware and more. However, sensitive data is still vulnerable throughout the entire payment processing chain (‘in transit’), and not just at rest.
How it works
seaVAULT & seaVAULT EMV
To protect sensitive data while “in transit” or in use, seaVAULT is integrated with network tokenization services by global card schemes such as Visa, MasterCard and American Express. By doing so, transactions sent for authorization are now being initiated using Payment Tokens issued by card scheme instead of using the original PAN of the cardholder. This ensures an “end-to-end transactions are fully processed using tokenized data”, therefore making it useless to bad actors, who would interject at any point in time of the transaction processing.
Under the EMV Mode, seaVAULT operates as a software platform that enables you to perform/run the responsibilities of a Payment Token Service Provider (TSP), as outlined by EMVCo. This includes the generation and issuance of payment tokens, as well as the operation, lifecycle of tokens and maintenance of a token vault.
It consists of multiple modules running concurrently, perform a wide range of roles in the payments process, such as provisioning and managing credentials on mobile devices, as well as in the Cloud. It also enables the use of tokenization for in-store payment such as Apple Pay.
Tokenization Service (TNS)
Reduces fraud by surrogating confidential consumer PAN data and replacing it with EMV payment tokens, which are restricted in how they can be used according to “Token Domain Restriction” configuration. It supports both physical and ecommerce channels token provisioning in one place, making it simple to operate and administrate.
Transaction Service (TRS)
Integrated with network payment switch via ISO or API. It performs token transactions processing as usual before forwarding it to the authorization host. In particular, it calculates and verify the payment cryptograms on behalf of the Issuer authorization host and de-token it to PAN before sending over to Issuing Banks for authorization.
Token Credential Service (TCS)
Manages the issuance of ecommerce tokens, as well as contactless digital token payment cards, with its associated dynamic keys to a physical secure element, Trusted Execution Environment (TEE), Host Card Emulation (HCE), on a mobile device. It can be integrated with any existing trusted service manager (TSM) for Over-the-Air (OTA) secure remote provisioning.
Get in touch with us today
Whether you're a merchant, developer, or partner, your success is our priority, and we're here to ensure you have the best possible experience with our payment technology.
Have questions about our payment solutions or need assistance with your account? Drop an email to hello@seaunity.com today!
