PCI-compliant tokenisation solution

Product facts

PaySourcing’s tokenisation solution protects your shoppers’ and merchants’ sensitive account details. PAY.ON shields you from hackers, security breaches and other threats with its highly secured environment, certified to PCI-DSS Level 1.

Tokenisation is an enabler for scenarios that otherwise need you to save and protect account details. Implement one-click checkouts, recurring billing scenarios or loyalty programmes while outsourcing regulatory concerns that are not your core business.

A token replaces highly sensitive data like card numbers, eWallet login IDs or bank account details. This token is not connected to these data in any mathematical way. It is not decodable. It is worthless for any hacker. It lowers your burden when handling such data. It keeps you out of a strict control through financial institutions such as PCI-DSS.


  • Register account details and get a token returned
  • No need to save account details in your system
  • Matching token and account details is only possible in the highly secured PAY.ON environment
  • Less sensitive data like BIN, last 4 digits, holder or expiry date can be saved for identification reasons without breaching card industry standards
  • Ideal supplement to PaySourcing’s hosted payment page solutions for fully PCI-DSS-compliant processing with no hassle
  • Captures and refunds, partial captures or receipts are fully available for tokenised accounts


  • No need to save any sensitive account details
  • Simple and secure implementation of scenarios such as one-click checkouts or recurring billing
  • Minimise PCI-DSS effort for merchants
  • Applicable for non-PCI-regulated data such as bank accounts or eWallets
  • Compatible with e-commerce systems and processors
  • Works with any checkout module

Technical features

  • The link between the token and the actual data exists only within PAY.ON’s PaySourcing platform.
  • The platform is fully certified according to PCI-DSS Level 1, meets the highest security standards and is operated by a team of experts dedicated to security, privacy and compliance.
  • The PaySourcing platform is operated in a data centre certified to PCI-DSS, ISO 27001 and ISO 9001 standards.
  • PaySourcing and hence the tokenisation itself meets your highest demands in terms of availability, scalability and reliability. PAY.ON takes “Always On” seriously.
  • Intelligent clean-up routines ensure the availability of your data as long as required by your business.
  • PAY.ON does not lock you in by holding your data hostage.
  • Your data belongs to you and if you decide to leave PAY.ON you will receive the data represented by the token.
risk check procedure

<< back to Payment Gateway Services