In a general sense, a digital wallet could be described as an electronic device, online service, or piece of software that allows you to make payments. They securely store your payment information and allow you to make purchases, these purchases could be online or in store.
The tokenization of cards into your digital wallet can be done in different forms; for simplicity we can think about this in the form of an apple or google wallet which will reach out to different entities to request a “token” or “digital wallet token” while presenting your card information.
This digital wallet token will replace the traditional PAN or payment account number, otherwise known as card number on your credit, debit or prepaid card. As a part of this, payment networks in regards to network tokenization and issuer processors who help in the issuance of digital wallet tokens generally think about tokenization split in two parts, the provisioning of a token into your digital wallets and the processing of transactions on digital wallet tokens. Provisioning is the act of a digital wallet token being added to your digital wallet while processing the transactional piece of this flow in which a token is being used to transact. The digital wallet token replacement of a PAN is also known as a DPAN (Dynamic Payment Account Number).
A token is more secure due to the abstraction of card information that can be used to make a purchase. This needs to be decrypted by the entities that either created the digital wallet token (the network in the instance of network tokenization) or the entities that have access to do so, namely the issuer processor associated with the network that issued the digital wallet token. The token is not linked in any way to the PAN except through the encryption done by the network that the token originated from, creating the ability for any payments not authorized to the original devices the token was provisioned to, to fail. This is also due to the lack of a valid cryptogram when transacting. A cryptogram is a technology that generates a one time code for use in a transaction. This one time code is sent in transactions on digital wallet tokens and is generated by the token and terminal where the payment is taking place. The cryptogram that is created is used to validate the transaction preventing.
Token provisioning is at the heart of secure, modern payment ecosystems like mobile wallets and wearables. By replacing sensitive card data with unique, device-specific tokens, it ensures a seamless and secure way for users to make payments, reducing the risks of fraud and increasing trust between consumers, issuers, and payment networks.
Tokenization is broken down into multiple stages:
The process begins when a user initiates adding a payment card to a digital wallet, wearable, or an app (e.g., adding a Visa card to Apple Pay, Google Pay, or a wearable device like Garmin).