Payment Tokenization

Eliminating payment data from your network is the best way to help ensure that your customer's sensitive payment information is safe. CyberSource Tokenization replaces sensitive payment data with a unique identifier or token that cannot be mathematically reversed. The actual payment data is securely stored in CyberSource data centers, which are operated by Visa Inc. Typically, the token will retain the last four digits of the card as a means of accurately matching the token to the payment card owner, enabling you to run your operations without card data in your environment.

Learn more about Payment Security:


  • Payment data stored in secure CyberSource data centers and exchanged for
    safe token
  • Tokens generated using proprietary algorithms and cannot be mathematically reversed
  • Token format fits legacy payment card data fields
  • Tokens support all payment actions and checkout models including one-time authorization, capture and settlement, recurring and subscription billing, credit and partial credit, split capture, reauthorization, and standard checkout


  • Reduces PCI DSS scope
  • Renders payment card data meaningless to hackers
  • Reconciles chargebacks and payments without handling payment data
  • Integrates with CyberSource Account Updater to automatically update          payment data for fewer failures
  • Works with your current systems and processor/acquirer

Implementation Guides

Payment Tokenization with the Business Center
Payment Tokenization with the SCMP API
Payment Tokenization with the Simple Order API