Secure your data with credit card tokenisation

The credit cards tokenisation makes it possible to avoid direct card storage, which means having to manage the protection of this sensitive data and bear the cost of a PCI-DSS infrastructure.

écran de téléphone récapitulant les informations de virement avant la validation du client
encaissement de factures : plan de règlement et choix entre paiement par carte ou prélèvement SEPA


Reducing the scope of compliance audits

With tokenisation, bankcards are replaced by a tamper-proof token. Each token corresponds to a unique, secure string pointing to the data to be protected, be it a credit card number, an IBAN or any other data to be secured.
Sensitive data is stored in the PCI-DSS CentralPay infrastructure and is available at any time via a dedicated API.
This means you only own tokens, which are unusable in case of an intrusion or compromise of your information system.

CentralPay is PCI-DSS Level 1 compliant, the highest level of the standard.


Replace payment data with a unique token

We secure the processing of sensitive data for you by means of credit card tokenisation. These are stored in CentralPay's electronic safe, guaranteeing compliance with a number of PCI-DSS standards.
By removing this data from your environment, you lower your data protection constraints, divide the number of audits you need to carry out, and reduce your cost of compliance.

tokenisation de carte bancaire : numéro de token
tokenisation de carte bancaire : carte bancaire


Benefits of the CentralPay credit cards tokenisation service

picto symbolisant la mise en conformité

Eliminates sensitive data
protection requirements

picto symbolisant le stockage sécurisé de data

Secures and stores
your customers’ sensitive data

picto symbolisant la réduction des frictions

Simplifies and reduces
PCI-DSS compliance costs

Use case

How does CentralPay tokenise your card data?

One or more VMs host your application within the PCI-DSS CentralPay infrastructure.
Sensitive data is processed via a secure exchange and then returned in the form of a tamper-proof token.
Sensitive data remains stored in the CentralPay electronic safe.
The data to be secured is restored using the token and identification parameters supplied by CentralPay.

Frequently asked questions

Learn all about CentralPay tokenisation service

When paying online by credit card, card data is anonymized and converted into a unique string of characters, known as a "token". These tokens are securely stored in the CentralPay infrastructure, making them tamper-proof. Real card information is removed to reduce the risk of fraud.

Tokenisation offers several advantages:

  • Enhanced security: Sensitive card information is stored in encrypted format within the CentralPay infrastructure.
  • Frictionless payment processing: With tokens, merchants reduce and simplify their processing and compliance requirements.
  • Simplified recurring payments: Once stored, a token can be used several times, without the payer having to re-enter their card details.

Tokenisation is a technological process that meets the compliance needs of entities operating credit card transactions and in contact with potentially sensitive data: e-commerce, marketplaces, digital platforms, physical stores...

The CentralPay infrastructure is PCI-DSS Level 1 certified, the highest possible certification for bank data security and fraud prevention. Every year, the tokenisation service takes part in obtaining the PCI-DSS standard, which certifies compliance with credit card data protection standards.