Skip to main content

Network Tokens

Replace PANs with network-issued tokens to improve authorization rates, reduce PCI scope, and enable seamless lifecycle updates across the entire payment flow.
Section iconSection icon

Network Tokens are cryptographically secure payment credentials issued directly by card networks (Visa, Mastercard, American Express, Discover) that replace Primary Account Numbers (PANs) in payment transactions.

Unlike traditional card tokens that are issued by payment processors or gateways, Network Tokens are issued directly by the card networks themselves and adhere to industry-accepted EMVCo specifications. This allows Network Tokens to replace the customer's PAN at every step in the card payment lifecycle—from merchant to acquiring bank to issuing bank.

Start with a Guide

This page provides an overview of the Network Tokens services and best practices. For hands-on implementation, refer to the guides below:

Network Tokens Setup

Learn how to request access and configure Network Tokens within your Basis Theory tenants.

Implementation

Learn how to implement Network Tokens in your CIT/MIT workflows.

Testing Reference

Reference material for testing Network Tokens.

Overview

Network Tokens provide significant advantages over traditional payment methods, particularly for businesses with subscription models or recurring payment needs.

  • Supports Visa, Mastercard, Discover networks for all merchants.
  • Support for American Express is limited to merchants assigned to an SE (Service Establishment) number under a Direct relationship. Please reach out for more information.

Automated Card Lifecycle Management

Card networks automatically update Network Tokens when underlying cards are reissued or expire:

  • Eliminates failed recurring payments from expired credentials
  • Reduces customer churn from payment interruptions
  • Provides seamless payment experiences without customer re-enrollment

Security Benefits

  • Reduces real card data stored in the payment ecosystem
  • Network Tokens represent all card details, providing richer transaction context than PAN-only transactions
  • Option for transaction-specific cryptograms to provide additional verification per payment
  • Reduced PCI DSS compliance scope:
  • Card networks manage sensitive data - PANs are stored and secured by Visa, Mastercard, and other networks instead of merchants
  • Reduces systems requiring PCI controls - Token-only systems may be considered out-of-scope if properly segmented
  • Enables simpler compliance validation - May qualify for reduced Self-Assessment Questionnaires versus full audits
Last updated on