Documentation

TokenHub

Suggest Edits

Introduction

A unified tokenisation solution for Card on File token provisioning, token processing and ALT ID. ‘Token Hub’ uniquely supports card Network tokens and Issuer specific tokens using a single API integration. This unique solution is built which supports all major card networks including Visa(VTS), Mastercard(MDES), NPCI (NTS), American Express(ATS) and leading issuers facilitating both network and Issuer tokens.

Token Generation:  Implement Tokenize API for token generation that creates unique and secure tokens based on the EMVCo standards.  Sensitive information in the request payload like Card data is protected using AES 256 symmetric key payload encryption.  Tokens are generated with Token Expiry date. Token Expiry date will be the same as card expiry date.  Ensure that the tokens have a limited lifespan to enhance security.   

Token Storage:  Design a secure storage mechanism to store the generated tokens.  Generated tokens are encrypted using Payment HSM and stored in the database securely.  Consider data backup and disaster recovery strategies to prevent data loss. 

Token Retrieval :  Create Detokenize APIs to retrieve tokens based on the client requests.  Tokens should be retrieved securely with appropriate access controls and validations.  Token data in the response will be encrypted using AES 256 symmetric key encryption.   

Token Lifecycle :  Implement Delete API for API consumers to revoke or invalidate tokens if needed.  Implement a scheduled job to automatically expire tokens after a certain period or based on predefined conditions.   

 
Observability :  Monitoring and alerting setup will be done to detect success rate, anomalies, errors, or suspicious activities in real-time.   

High Availability and Scalability:  Token vault system will be designed to be highly available and scalable to handle increasing load and traffic.  The system will support up to 500 TPS.   

API Documentation:  Comprehensive API documentation for the partners who want to integrate with the token vault system will be created and shared.  Wibmo TokenHub will create client SDK in Java to support quick API integration for the consumers using java based micro services.

https://apimanagement.readme.io/reference/tokenize

Updated 4 months ago