Network token lifecycle management
Managing the full lifecycle of network tokens
Our system has been set up to automatically keep your network tokens up to date. We will automatically receive updates when the underlying card receives any updates, and we will apply this to the stored card details in our system.
The cardholder can interact with their card in multiple ways which can result in these lifecycle events.
- The contract with the issuer is terminated rendering all cards and related tokens invalid. In this case, all the associated network tokens are terminated and deleted.
- A user reports a card lost or stolen or damaged. In this case, the issuer issues a new card and all the associated tokens stay active but any data related to the underlying card number may change, for example, the last four digits of the card may change.
- The card expires. In this case, the issuer issues a new card and all the associated tokens stay active but any data related to the underlying card number may change, for example, the expiration date of the card may change.
- The user triggers a token revocation from the issuer side, for example from the issuer’s mobile banking application. In this case, any of the associated network tokens may be terminated and deleted.
All of these events are automatically managed when you use our Cloud Vault.
Usage data
Using different instruments per transaction attempt is possible. We provide insight as to which instrument was used per transaction attempt via the retry event report. This report can be fetched via the API or via the dashboard. In the report, the used instrument is listed per transaction attempt.
If the first attempt was done using the original card, and a retry was done using a network token, then the transaction will show as having used a “network token” in the dashboard.
Manual lifecycle management
Using the following endpoints it is possible to manually manage the token lifecycle for a stored token. Using these endpoints will change the status at the respective scheme token service and will notify the issuer.
-
Suspend token endpoint - Used to temporarily disable a provisioned token. The token will be temporarily suspended. The token can be resumed by using the
/resume
API. This API is only supported for Visa cards. -
Resume token endpoint - Used to re-enable a provisioned token. The token status will change from its previously suspended state into the active state. This API is only supported for Visa cards.
-
Delete token endpoint - Used to permanently remove a provisioned token. The token will be deleted and will need to be re-provisioned.
Was this page helpful?