PCI Tokenization: What is the value of a Vantiv OmniToken

Blog Post created by on Jan 11, 2017

This will be a living document to capture questions about the Vantiv OmniToken.


What is the Value of an OmniToken?

The value proposition of OmniToken depends on use case:

  • For traditional eCommerce, the value prop has to do with PCI scope reduction.  Reduces the liability and risk associated with storing PAN data on servers which may be compromised by hackers.
  • For Apple Pay (in-app/on-the-web), the value is the reduced risk of a data breach as well as ease of integration because Vantiv is managing the PKPaymentToken decryption on behalf of the merchant.
  • For Android Pay (in-app/on-web), the value is ease of integration of Android Pay because Vantiv has a direct server-to-server integration with Android Pay for transmitting cardholder data.
  • For Android Pay (in-app/on-web), because of the server-to-server integration enhancements to Android Pay that are not available to direct merchant implementations will be announced soon.


What is the scope of an OmniToken?

By Q3, 2017 a Vantiv OmniToken will be able to be processed on any of the Vantiv processing platforms (eCom, Core ISO, Core 610, Core PWS, Mercury, and Element). The Vantiv OmniToken will also be available for use in-store in Q2 2018, allowing a merchant or ISV to consolidate their tokenization for CP and CNP transactions.


Can the OmniToken be used for new value-add/sales?

  • For OmniTokens that represent PAN data, for example, traditional eCommerce, an OmniToken can support all card-on-file use cases.
  • For OmniTokens that represent DPAN data (Apple Pay, Android Pay) OmniTokens can be used for recurring transactions and also partial shipment uses cases, but NOT card-on-file per network regulations. New regulations are coming that will allow DPAN to be used for card-on-file for certain use cases.


Can you get a better rate by processing with an OmniToken versus cardholder data?

No, the OmniToken is replaced with the corresponding cardholder data before processing with the card brands so, from a network pricing perspective, there are no differences whether processing an OmniToken with Vantiv or the card-holder data.


How do you get an OmniToken back from the platform after you have a low-value token?

When you process an AUTH, the response from the Vantiv platform will contain the OmniToken value.


Specifically for the eCom platform, OmniTokens are included within the response messages for the following transactions; Auth, Sale, Register Token, Capture Given Auth (Capture referencing an external auth) and Credit/Refund.


Does an OmniToken eventually lead to a customer identifier?

If a consumer takes their credit card number (PAN or "Primary Account Number") and loads that PAN into a mobile wallet such as Apple Pay, or Android Pay, what is stored in the mobile wallet is known as a "Network Token" also referred to as a DPAN ("Device Primary Account Number").  The DPAN is unique to the device, and for instance, if the same PAN is loaded onto an Apple watch, for example, the DPAN would be different.  Currently, the OmniToken value that Vantiv returns will be different for each DPAN, and for the PAN.


The card networks are introducing a new value called the "PAR" or "Primary Account Reference".  Vantiv will be introducing the PAR to the OmniToken product as soon as it becomes available.  This will allow merchants to create OmniChannel consumer experiences because they will be able to link together purchase history from their customers whether they shop in-store, online, in-app, or with a mobile wallet attached to their cell phone or another device such as their smartwatch.


For merchants with multiple locations, the Vantiv OmniToken can be configured such that the same OmniToken is returned for the same PAN, or DPAN, no matter which merchant location they shop at.