Creating a token
Tokens enable you to process transactions that involve confidential financial data without storing or handling the financial data on your server. It also enables you to offer your customers the opportunity to save their payment card data for future use.
We offer a more detailed discussion about tokens and tokenization on this page.
Creating a token in the transaction flow
Most payment processing configurations in Amazon Payment Services will require you to process transactions by making use of tokenization. In other words, to successfully process a transaction, you must generate a token during the transaction flow.
Sometimes tokenization occurs automatically as part of the transaction flow. For example, our standard merchant page integration route automatically generates a token to facilitate a transaction.
We request that you use tokenization because doing so means that your website and your server is never required to handle sensitive financial data.
It is easy to create a token in ordinary payment transactions, in fact it happens automatically. When you send your transaction request we automatically generate a unique token name. We send the token name in the request response and associate your customer's payment card details with the unique token name.
If your customer agrees that you store their payment card details for future transactions, you will use the same token name the next time that your customer shops with you and pays.
To learn more about tokenization as part of the transaction flow we recommend that you read the API reference for the relevant transaction flow. For example, read our API reference for standard merchant page integration if you are processing ordinary online shopping transactions.
Creating a token as a distinct step
In some circumstances, tokenization will occur as a distinct step that does not necessarily involve a payment. A simple example would be where your customer wants to sign up and store their payment card details for future transactions -- without making a purchase at the time that they sign up.
Another use case may be where you want to retain your customer's payment card details for a future charge on an order your customer has already confirmed. This may be necessary where you only want to charge your customer once an item ships -- and where the shipment date is not in the immediate future.
In either example you can choose to create a token that allows your customer to store their payment card details with Amazon Payment Services. You can then use this token to charge the customer's card in the future, without requiring customer action.
Creating the token is simple. You send a request to our server to create a new token, including your customer's payment card details in the request. We respond with a unique token name and associate your customer's payment card details with that token name.
Note that Amazon Payment Services does not verify the validity of your customer's payment card details if you perform tokenization as a distinct step. We will only verify the validity of the payment card details associated with a newly created token once you attempt to charge the customer's payment card.
You may choose to bill and immediately refund a small amount to your customer's payment card in order to verify your customer's card details and to ensure that you can use the token for future billing.
We provide a specific API for token creation -- refer to the API reference.
Go to the full API reference
Tokenization is a complex element of payment processing. We suggest that developers read our full API reference on tokenization. We also cover the process of creating a token in more depth here.
Need further help?
If you get stuck feel free to get in touch with the Amazon Payment Services team. Just message our support team at firstname.lastname@example.org.