Tokenisation is a secure way to store card details with Peach, so that you can collect payments from your customers on a recurring or single-click basis. This is great for subscription business models, or services that are based on repeat purchases.
Main benefits of tokenisation
- Secure and seamless way of having a payment method linked to a customer profile, to improve customer loyalty.
- It is a great way to improve the customer experience and prevent drop-off from clunky 3-way authentication processes.
Security of tokenisation
Tokenisation is a safe way to store sensitive payment information, because the token (which represents the payment method) cannot be deciphered.
Peach uses enterprise-grade, PCI DSS Level 1 compliant technology to encrypt and manage the sensitive payment data.
A token is returned to your system, which you can store and reference in payment requests, when your system needs to charge the customer.
Two payment flows to be mindful of are summarised below.
Storing a card at checkout
Here your customer places an order, and when you charge the customer, the card is also stored for future payments.
Storing a card without a checkout
Here your user adds a card to their profile, and the card is charged later. Typically the card needs to be tested with the bank, but you also don't want to take any money from the customer yet. The solution is to process a R0.00 transaction on the customer's card.
When a card expires
The card transaction response contains information such as the card's first 6 digits, last 4 digits, and expiry month and year. It is safe to store this information in a table in your database, against the customer's profile. On a monthly basis you may run a cron job to see which cards are due to expire, and notify your customer to add a new card using the same CopyAndPay widget.
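One way to write the monthly expiry check described above, as an added example that is not Peach's code. The table and column names, the sqlite3 store and the token values are assumptions constructed for illustration.

```python
import sqlite3
from datetime import date

# Hypothetical schema: only the token and the card fields the page lists as
# safe to keep. The CHECKs reject a full card number placed in either column.
SCHEMA = """
CREATE TABLE stored_cards (
    customer_id  INTEGER NOT NULL,
    token        TEXT    NOT NULL,
    first6       TEXT    NOT NULL CHECK (length(first6) = 6),
    last4        TEXT    NOT NULL CHECK (length(last4) = 4),
    expiry_month INTEGER NOT NULL CHECK (expiry_month BETWEEN 1 AND 12),
    expiry_year  INTEGER NOT NULL
)
"""

def month_index(year, month):
    """Map year/month to one integer so comparisons work across year ends."""
    return year * 12 + (month - 1)

def cards_due_to_expire(conn, today, months_ahead=1):
    """Cards already expired, or expiring by the end of the month that is
    months_ahead after today. A card stays valid through its expiry month."""
    now = month_index(today.year, today.month)
    rows = conn.execute(
        "SELECT customer_id, last4, expiry_month, expiry_year "
        "FROM stored_cards "
        "WHERE expiry_year * 12 + (expiry_month - 1) <= ? "
        "ORDER BY expiry_year, expiry_month, customer_id",
        (now + months_ahead,),
    ).fetchall()
    return [
        {"customer_id": c, "last4": l4,
         "status": "expired" if month_index(y, m) < now else "expiring"}
        for c, l4, m, y in rows
    ]

def demo_connection():
    """In-memory database with constructed sample rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute(SCHEMA)
    conn.executemany("INSERT INTO stored_cards VALUES (?,?,?,?,?,?)", [
        (1, "tok_constructed_a", "411111", "1111", 12, 2024),
        (2, "tok_constructed_b", "520000", "0007", 1, 2025),
        (3, "tok_constructed_c", "411111", "4242", 11, 2024),
        (4, "tok_constructed_d", "520000", "9999", 6, 2026),
    ])
    return conn

if __name__ == "__main__":
    for card in cards_due_to_expire(demo_connection(), date(2024, 12, 15)):
        print(card)
```

The notification only needs the customer id and last 4 digits, so the token never has to leave the database for this job.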