PPaas Tokenisation

PPaaS delivers Tokenisation Services that allow certain transactions to be performed without direct access to sensitive information such as card data.


Compliance with PCI-DSS

The data is securely stored and transmitted not in its ‘readable’ form but as a ‘token’ that maps back to stored data. This eases compliance with PCI-DSS. As an example, tokenisation is commonly used in certain loyalty scenarios. 

Due to the high sensitivity of tokenisation, the use of the Tokenisation API requires mutual TLS protocol (mTLS). Thanks to mTLS, both communicating entities (PPaaS and the client) are authenticated to each other and the messages exchanged between entities are encrypted. To use this API, and set up mTLS, please contact PPaaS Support.

To use the tokenisation API, you will need a requestor ID, which is an Identifier provided by PPaaS to your organisation for the tokenisation service.

Tokenization use cases include:

  • Create a token
  • Delete a token