Introduction To Token Payment System
Token payment is a security level that tokenizes (encrypts) card information. It is a high-quality online payment method. By introducing it, the card information will be authenticated by our payment system, so the merchants have no need to handle payment. It’s a service that allows you to introduce card payment while using your payment screen, i.e the merchant screen.
<Difference from the conventional HTML method>
With the HTML payment method provided by the conventional payment agency, purchase is done at the member store’s site. After deciding the product, the customer is moved to the payment agency page on the purchase screen and enters the credit card information.
| HTML method | Token payment | |
|---|---|---|
| Site transition |
There is a site transition It will transition to Max Connect service on the payment screen. |
No site transition It will be Settled on the member store’s site. |
| Payment screen design |
Max Connect design Settle from the payment page specified by us. |
Payment screen of member stores The payment screen designed by the member store. |
However doing this needs the merchant website to be PCIDSS compliant, which is an expensive process to get through. As customers might be anxious since they are moving to a different website for the payment.
By introducing token payment, it will be possible to complete payment within the member store site, so the above anxiety disappears. Highly safe without missing customers who are willing to purchase.
When you try to make a payment, the above pop-up will be displayed on the member store’s site.
Enter your card information and press “Complete card information” to return to the site.
<Background of token payment development>
Overseas payment agency meeting from the desire to have member stores use the payment system with peace of mind,We have started to develop a token payment system, which is rare for the company.
Credit card usage is increasing year by year, and the amount of fraudulent damage is also increasing accordingly.
According to the announcement by the Japan Credit Association, it was 23.54 billion yen in 2018 and 13.7 billion yen in the first half of 2019.
There are various methods of fraudulent use such as skimming and via phishing sites, but there is an EC rhino. Here are some examples of possible credit card information leaks.
<Case: Damage caused by incorporating a fake payment page into an EC site>
The attacker tampered with the program on the EC site to embed the mechanism of the red frame, and fake card payment image It is a mechanism to transition to the surface and enter the card information.
If you enter the card information and click the payment execution button, “Payment failed” will be displayed on the screen. However, the information entered is received by the attacker. After that, settle the re-payment button You will be taken to the company page and payment will be made. Enter card information such as 16-digit number, CVV code, I didn’t feel suspicious even if the payment failed because I had to enter the expiration date accurately. maybe.
<Security of token payment>
1. Reduce the risk of card information leakage from member stores
2. Implemented non-holding corresponding to the installment sales method
1. Reduce the risk of card information leakage from member stores
Entered by the purchaser by using token payment by the online shop (member store) Credit card information using a programming language called JavaScript Convert (encrypt) to another character string so that the card information cannot be specified, and make a card payment. It is possible.
■ Token payment / data flow
- A. The purchaser enters the purchaser information such as the address in the member store (online shop).
- B. Use JavaScript to send the purchaser’s credit card information to the member store Send directly to the settlement agency without going through.
- C. Replace (encrypt) with another character string so that the card information cannot be identified, Returned to purchaser in “token” format .
- D. Send the purchaser information and the generated “token” to the payment agency .
- E. Purchaser at 2 at the settlement agency based on the “token” received from the member store Restore the card information you entered more directly and request credit from the card company.
- F..The credit result is returned to the purchaser from the card company, and the purchaser places an order from the EC site.
Receive completion. As shown in bold above, “card information does not go through member stores”, so ” It can be said that the biggest feature of token payment is that “card information cannot be specified”.
2. Non-holding corresponding to the installment sales method
Under the installment sales method, it is necessary for member stores to not hold credit cards. By implementing token payment, the information that passes to the member store’s server is encrypted. Since it is only available, credit card information can be hidden.
<Introduction method>
If you have an SSL server installed, you can implement token payment.
Please contact us for more information.
<Introduction of token payment for overseas payment>
Some of the major domestic payment agents support token payment.
Our company Max Connect Co., Ltd. mainly handles overseas payments. Propose overseas payment There are not many companies that can introduce token payment.
We can also handle industries that want to make highly secure payments but cannot pass the examination of domestic payments It came to be.
Ideal for use in the following industries.
EC shop management company
Web content management company
Subscription model operator
MLM operating company, etc.
In addition, it will be a service for those who have the following requests.
・Operates a service that completes payment on the website
・I want you to proceed to payment with your own design
Please contact us for more information.