Discover: Tokenization Removes Friction for Card-Not-Present Transactions

Maybe there’s one bit of stolen digital information fraudsters can’t make use of: tokens.

Calling them “the magic behind payments,” Valeri Vanourek, vice president of digital products at Discover® Global Network, told PYMNTS in an interview that tokenization is emerging as a double-duty asset for digital payments. It enhances payment security for merchants, issuers and consumers as they interact across digital channels without introducing any friction into the process.

“The token protects the data in the case of a breach … because it’s meaningless to a fraudster,” she said.

As Vanourek observed, if a fraudster gets their hands on a token, they won’t be able to complete a transaction.

Education Needed

On the merchant and issuer side of the equation, there still is some education needed about the benefits of tokenization, but Vanourek said merchants are keenly aware that they are at risk for data breaches and are looking toward tokenization as a key line of defense.

The key use cases that are benefitting from tokenization can be found in instances where cards are lost, stolen or need to be replaced, she said. Traditionally in those cases, cards have had to be replaced.

Now, because the token remains the same but is automatically updated, transactions can continue to flow seamlessly across various ecosystems with card-not-present transactions.

“The consumer does not have to update the card information anywhere,” Vanourek said. “That means fewer transactions are declined — and no late fees for consumers when in recurring or stored payment use cases.”

She ticked off several instances where tokenized credentials are critical in making sure that utilities, streaming services and even food delivery can continue to be used — and paid for.

Tokens can also be tied to “rich” data that improves fraud prevention and risk management, she said. States have begun to allow driver’s licenses and other documents to be used in authentication, and phones and IP addresses can all be harnessed to confirm that someone is who they say they are.

“We’re talking about the kind of data that can be used [from] spending patterns and device-level information that’s foundational to assessing risk,” she said. “Whether it’s on transactional, behavioral, geolocation or even biometric attributes, all of this data starts to provide a higher confidence that the transaction and consumer can be trusted.”

Consumer Awareness

Consumers have become increasingly conscious of the need to protect their personal data following several high-profile merchant data breaches over the past decade. A study commissioned by Discover Global Network found that the security of personal data and information has surpassed convenience and speed as the most important factor consumers consider when deciding whether to adopt a new payment method.

“Consumers are much more aware of data and the importance of protecting it,” Vanourek said. “They understand their personal and financial data can be stolen and used for fraudulent purposes. The more consumers understand the security and benefits behind their payment methods, the greater trust they’ll have.”

While some friction is still inevitable for authentication purposes, tokenization has helped minimize disruptions, Vanourek said. Consumers have grown accustomed to methods like one-time passcodes and are willing to accept some level of friction if it is user-friendly and minimal.

“Consumers are still expecting an easy transaction experience,” Vanourek said. “They certainly don’t want massive hoops to jump through to complete a transaction.”