Search

Are you looking for test card numbers?

Would you like to contact support?

Online-payment icon

Network tokenization

Use network tokens to process payments with Adyen for better authorisation rates.

Card networks, like Visa and Mastercard, offer their own tokenization service called network tokenization. This takes your shopper's card and provides a token unique for your shopper and your specific company. These network tokens reduce the risk for the shopper and can result in higher authorization rates.

Adyen also provides a tokenization service to store recurring payment details of your shoppers. For further details on the service, see Tokenization.

Network tokenization is separate from Adyen's tokenization service. With Adyen tokens, you don't have to make payments with raw card data, reducing your PCI scope. Network tokens are indistinguishable from raw card numbers. They are uniquely generated for that particular shopper-company pairing, different from the shopper's actual card number, and require full PCI compliance to handle them. You can tokenize with Adyen's tokenization service while also using network tokens from the card networks to make payments with us. This keeps your PCI scope limited while still taking advantage of the potentially increased authorization rates.

With our network tokenization service, you can:

  • Give shoppers a better shopping experience as network tokens are maintained by card networks and are thus automatically updated.
  • Have higher authorisation rates compared to payments made without network tokens.
  • Adopt EMVCo's network token standards with minimal integration efforts.

Implementation options

To make payments with network tokens, you can either:

Network tokens from Adyen

You can choose to have Adyen provision the network tokens for you, if you're not already collecting them from card networks. To do so, you need to contact our Support Team and ask them to enable the feature for you.

To make a payment using a network token provisioned by Adyen:

  1. Make a payment request with either raw card details (PAN) or an Adyen token (recurringDetailReference). We will attempt to process the payment using a network token. If this fails, we will automatically retry the payment using the raw card details or the recurringDetailReference you provided in the request.

The following code sample shows how you can make a payment request with an Adyen token.

{
  "amount": {
    "currency": "USD",
    "value": 1000
  },
  "reference": "YOUR_PAYMENT_REFERENCE",
  "paymentMethod": {
    "recurringDetailReference": "8315196498436013"
  },
  "shopperReference": "YOUR_UNIQUE_SHOPPER_ID",
  "returnUrl": "https://your-company.com/...",
  "merchantAccount": "YOUR_MERCHANT_ACCOUNT",
  "shopperInteraction": "ContAuth"
}
  1. You receive a payment response. This also includes an additionalData object containing:
    • retry.attempt1.acquirer: The acquirer processing payments on your behalf.
    • retry.attempt1.acquirerAccount: The acquirer account specific to you.
    • retry.attempt1.responseCode: The numeric acquirer response code from the card network for a refused or cancelled payment.
    • retry.attempt1.rawResponse: The details of the raw unmodified response from the acquirer for refused or cancelled transactions.
    • retry.attempt1.networkTokenOffered: Whether the transaction was attempted with or without a network token.

The following examples show the additionalData object in the payment response that provides the details of an attempt (attempt1) with a network token, followed immediately by another attempt (attempt2) with the raw card details or the recurringDetailReference.

{
   ...  
   "additionalData": {
      "retry.attempt1.acquirer": "Acquirer",
      "retry.attempt1.acquirerAccount": "AcquirerAccount",
      "retry.attempt1.responseCode": "7",
      "retry.attempt1.rawResponse": "Pickup card, special condition",
      "retry.attempt1.networkTokenOffered": "true"
   }
}
{
   ...
   "additionalData": {
      "retry.attempt2.acquirer": "Acquirer",
      "retry.attempt2.acquirerAccount": "AcquirerAccount",
      "retry.attempt2.responseCode": "7",
      "retry.attempt2.rawResponse": "Pickup card, special condition",
      "retry.attempt2.networkTokenOffered": "false"
   }
}

You will receive notification webhooks informing you about the outcome of the payment. As part of the AUTHORISATION notification, the same additionalData object from the payment response is present as additional information.

Network tokens from card networks

If you're already collecting network tokens from card networks (for example, from Mastercard and Visa), you can use these to make payments with Adyen. In this scenario, you need to send the token information in the payment request to us. To use network tokens for your payments, you need to use the /authorise endpoint.

Before you begin

Before you start processing payments with network tokens, make sure you enable the relevant fields that will provide you with card details and network token information in the payment response.

To enable the relevant fields:

  1. Go to Customer Area > Account > API URLs > Additional data settings.
  2. Enable the following fields:
    • Network Transaction Reference
    • Card bin
    • Network token bin and summary for tokenised payments
    • Card summary
  3. Click Save configuration.

Make a one-off payment or the first payment in a subscription

In your /authorise call for the first payment in a subscription or contract with a network token, provide:

  • card.expiryMonth: The expiry month of the network token.
  • card.expiryYear: The expiry year of the network token.
  • card.holderName: The name of the cardholder associated with the network token.
  • card.number: The network token you get from the card networks (for example, from Mastercard and Visa).
  • mpiData.directoryResponse: Y
  • mpiData.authenticationResponse: Y
  • mpiData.cavv: The cryptogram value. This is the cardholder authentication value you get from the issuer.
  • mpiData.eci: The electronic commerce indicator you get from the issuer.
  • recurringProcessingModel: Check the different processing models for transactions to choose the option for your business model.
  • recurring.contract: EXTERNAL
  • recurring.tokenService: Use:

    • VISATOKENSERVICE: if the network token was issued by Visa.
    • MCTOKENSERVICE: if the network token was issued by Mastercard.

The following example shows what a request for the first payment of a subscription would look like:

{
   "merchantAccount":"YOUR_MERCHANT_ACCOUNT",
   "reference":"YOUR_PAYMENT_REFERENCE",
   "amount":{
      "currency":"USD",
      "value":"1000"
   },
   "selectedBrand":"visa",
   "card":{
      "expiryMonth":"08",
      "expiryYear":"2020",
      "holderName":"CARDHOLDER_NAME",
      "number":"666666xxxxxx6666"
   },
   "mpiData":{
      "directoryResponse":"Y",
      "authenticationResponse":"Y",
      "cavv":"AAEBAwQjSQAAXXXXXXXJYe0BbQA=",
      "eci":"05"
   },
   "recurring":{
      "contract":"EXTERNAL",
      "tokenService":"VISATOKENSERVICE"
   },
   "recurringProcessingModel":"CardOnFile"
}

In the response of the first payment in a subscription or contract, you can find the networkTxReference field. This field is used to make subsequent payments for Visa.

Make recurring payments in a subscription

In your /authorise call for recurring and subscription payments, provide:

  • card.expiryMonth: The expiry month of the network token.
  • card.expiryYear: The expiry year of the network token.
  • card.holderName: The name of the cardholder associated with the network token.
  • card.number: The network token that you receive from the card networks (for example, from Mastercard and Visa).
  • recurring.contract: EXTERNAL
  • recurring.tokenService: Use:

    • VISATOKENSERVICE: if the network token was issued by Visa.
    • MCTOKENSERVICE: if the network token was issued by Mastercard.
  • networkTxReference: For Visa only. This is the Visa Transaction ID. This allows the issuing bank to link the subsequent recurring charge on a network token with the initial one that used a cryptogram. You can get this value from the payment response of the initial payment.
{
    "merchantAccount":"YOUR_MERCHANT_ACCOUNT",
    "reference":"YOUR_PAYMENT_REFERENCE",
    "amount":{
        "currency":"USD",
        "value":"1000"
    },
    "selectedBrand":"visa",
    "card":{
        "expiryMonth":"08",
        "expiryYear":"2020",
        "holderName":"CARDHOLDER_NAME",
        "number":"666666xxxxxx6666"
    },
    "shopperInteraction":"ContAuth",
    "recurring":{
        "contract":"EXTERNAL",
        "tokenService":"VISATOKENSERVICE"
    },
    "additionalData":{
        "networkTxReference":"MCC123456789012"
    }
}

In the payment response, you can find details of the actual payment, such as the BIN and summary of the card that was actually charged.
The following example shows what a sample additionalData object in the payment response would contain:

{
   ...
   "additionalData":{
      "cardBin":"541333",
      "networkToken.bin":"666666",
      "networkToken.tokenSummary":"6666",
      "cardSummary":"1111",
      "networkTxReference":"MCC123456789012",
      ...
   }
}

See also