Skip to main content
Tokenization is a process that replaces sensitive data with a non-sensitive, random string of numbers and letters. It’s an effective way for Tesouro to ensure your customers’ payment data is protected from criminal attempts like payment fraud, cyberattacks, or data breaches. There are two types of tokens:
  • Acquirer tokens - Tokens created by Tesouro.
  • Network tokens - Tokens created by the card networks (Visa, Mastercard, American Express, Discover, etc.), and not applicable to Bank Transfers.
When to Use
  • You need to securely store customer payment information for future transactions.
  • You want to minimize PCI compliance scope by not storing sensitive card data.
  • You need to support recurring payments or subscriptions.

Acquirer tokens

Create and save a token

Presenters/acceptors have the option to use tokenization, which when enabled, allows Tesouro to tokenize card/bank details, and return the token in the transaction response under tokenDetails.token. Pass tokenize: true in your transaction request along with the raw card details. Tesouro will process the transaction and return a token you can store for future use. 
mutation AuthorizeCIT($input: AuthorizeCustomerInitiatedTransactionInput!) {
  authorizeCustomerInitiatedTransaction(authorizeCustomerInitiatedTransactionInput: $input) {
    authorizationResponse {
      tokenDetails {
        token
      }
    }
  }
}
Store the returned token value securely — you’ll use it in place of the card details for all future transactions with this customer.

Re-use a token for future transactions

Later, when the customer purchases from you again, pass the token (along with expiration and security code details) instead of the raw card details.
ScenarioBen creates an account on CoolTechGear.com and saves his credit card information for future purchases. Instead of storing his actual card number, CoolTechGear.com uses tokenization to replace his sensitive card data with a secure token. Later, when Ben returns to buy a new set of keycaps, CoolTechGear.com uses the stored token to process his payment without requiring him to re-enter his card details.
mutation AuthorizeCIT($input: AuthorizeCustomerInitiatedTransactionInput!) {
  authorizeCustomerInitiatedTransaction(authorizeCustomerInitiatedTransactionInput: $input) {
    authorizationResponse {
      tokenDetails {
        token
      }
    }
  }
}

Network tokens

Network tokens are generated directly by card networks (Visa, Mastercard, American Express, Discover) and are not applicable to Bank Transfers. They offer additional benefits over acquirer tokens:
  • Automatic card updates - When a customer’s card is reissued (e.g. lost/stolen or expiry), the network updates the token automatically, reducing failed recurring payments.
  • Higher authorization rates - Transactions using network tokens are treated as lower risk by issuers, which can improve approval rates.
  • Broader portability - Network tokens can be used across different acquirers and processors.
Network tokenization is enabled at the acceptor level. Contact your Tesouro account manager to enable network tokens for your integration.