All merchants can create billing and customer tokens within their Merchant Services account in online banking using Token Management Services (TMS).  You do not need to sign up for TMS. A fee is charged for the creation of each customer and billing token, as noted on the Order Confirmation email.

TMS helps you to comply with the Payment Card Industry Data Security Standard (PCI DSS). TMS can help reduce the PCI DSS compliance audit questionnaire to a few check boxes, enabling most merchants to manage PCI DSS compliance faster and with less cost.

Tokenization exchanges sensitive payment data for a token that has no value outside of the payment system. Tokenization removes sensitive payment data from your environment to safeguard customer data while reducing your security risk for accepting card payments. 

Customer token

Customer tokens securely store information about your customer. Custom tokens are saved in a tokenized customer profile, storing information for repeat billing and other customer management purposes. A customer token saves a customer’s name, shipping address, billing address, contact information, and any custom fields you would like to collect. A customer token automatically creates a billing token. 

Billing token

A billing token securely stores the card information, like card number and expiration date. A single customer token can be associated to multiple Billing Tokens if desired. The functionality provided by Customer Tokens and Billing Tokens is commonly referred to as allowing merchants to keep “cards on file.”