Card schemes prohibit merchants from storing card numbers unless they comply with the relevant parts of the PCI DSS guidelines so Tokenization is a process that converts your consumers' sensitive data into a security token, a process involving hashing, encryption and secret keys.
This mechanism increases consumers' security because sensitive data (e.g. card number) is sent only once over the internet and then a token is used for the future requests.
AceHub Tokenization is a server-to-server API that gives you the possibility to collect your consumers’ card information in a secure manner and replace it with a token. This token can be used anywhere in the AceHub platform to either make payments or query information. It also removes the need for merchants’ servers to be PCI DSS compliant and does not require the consumer to send card data multiple times.
The main purpose of these tokens is to be reused in future transactions (e.g. recurring payments), where the merchant might need to charge the same card periodically.
Since this token is just a reference number, it is useless outside of the AceHub environment so there is no risk for the consumer in case it is stolen.
Important: Token creation is only available for credit cards.
The figure below shows the Tokenization concept implemented in AceHub:
AceHub - Tokenization Request Flow