Tokenisation and Card Vaulting
Tokenisation is the mechanism that lets you offer saved cards and subscriptions without ever holding card numbers. It is worth understanding because it underpins almost everything else in this group.
This article explains what a token is, where the real card data lives, and how vaulting works in practice.
What a Token Is
A token is a meaningless reference string issued by your payment provider. On its own it cannot be used to make purchases anywhere else, which is what makes it safe to store.
The Vault
The real card details live in the provider's secure vault, a heavily protected environment built and audited for exactly this purpose. When you charge a saved card, you send the token and the provider matches it to the vaulted card.
- Tokens are specific to your account and cannot be reused elsewhere.
- Vaulting is what enables recurring billing and one-click checkout.
- If you switch providers, tokens usually need a managed migration.
| Stored by you | Stored in the vault |
|---|---|
| Token reference | Full card number |
| Card brand and last four digits | Expiry and security data |
| Customer ID | Sensitive authentication data |
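
The split in the table above can be enforced in code before a saved-card record is written to your own database. The following is an added example, not code from the original article or from any payment provider; the field names (`token`, `card_brand`, `last4`, `customer_id`) and the sample records are assumptions made for illustration.

```python
import re

# Hypothetical field names for the "Stored by you" column of the table above.
ALLOWED_FIELDS = {"token", "card_brand", "last4", "customer_id"}
PAN_CANDIDATE = re.compile(r"(?:\d[ -]?){13,19}")


def luhn_ok(digits: str) -> bool:
    """Return True when the digit string passes the Luhn checksum used by card numbers."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:  # double every second digit, counting from the right
            d = d * 2
            if d > 9:
                d -= 9
        total += d
    return total % 10 == 0


def contains_pan(value: str) -> bool:
    """Detect a 13-19 digit run (spaces or dashes allowed) that passes Luhn."""
    for match in PAN_CANDIDATE.finditer(value):
        digits = re.sub(r"\D", "", match.group())
        if 13 <= len(digits) <= 19 and luhn_ok(digits):
            return True
    return False


def check_saved_card_record(record: dict) -> list:
    """Return a list of problems; an empty list means the record is safe to persist."""
    problems = []
    for field in sorted(set(record) - ALLOWED_FIELDS):
        problems.append(f"unexpected field: {field}")
    for field, value in record.items():
        if contains_pan(str(value)):
            problems.append(f"card number found in field: {field}")
    if not re.fullmatch(r"\d{4}", str(record.get("last4", ""))):
        problems.append("last4 must be exactly four digits")
    if not record.get("token"):
        problems.append("token is missing")
    return problems


# Constructed sample records; 4111 1111 1111 1111 is a widely used test number.
GOOD = {"token": "tok_example_9f3a", "card_brand": "visa", "last4": "1111", "customer_id": "cus_001"}
BAD = {"token": "4111 1111 1111 1111", "card_brand": "visa", "last4": "1111", "expiry": "12/30"}

if __name__ == "__main__":
    print(check_saved_card_record(GOOD))
    print(check_saved_card_record(BAD))
```

If your provider issues numeric tokens that resemble card numbers, the Luhn scan on the `token` field would need to be adjusted to avoid false positives.
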
If you need a hand with any of this, your Progressive Robot delivery team is ready to help. Raise a ticket from the Support area of your client portal or speak to your account manager and we will guide you through the next steps.