Skip to content


Tokenization is the process of substituting sensitive data elements with non-sensitive tokens or aliases, having no intrinsic or exploitable value. Our services such as card issuing and push-to/pull-from cards require tokenization of sensitive, unencrypted data elements such as card PANs and CVV/CVC security codes in compliance with PCI-DSS regulations. You are also expected to securely tokenize these sensitive data elements when handling them within your system.

Tokenization of a /transfer-to/card/register request

For example, when an external card is registered via the /transfer-to/card/register endpoint, if the card PAN is included in the registration request via the unencrypted clearCard object (as opposed to the encrypted card object), then the request will be intercepted by a secure tokenization gateway configured to listen for incoming card registration requests containing the clearCard object. The tokenization gateway will redact the sensitive data elements, replacing them with non-sensitive tokens (also known as aliases). The request will then continue through to connectFi, where it will be validated and properly formatted in preparation for the card payment processor. If the request appears valid and complete, then it will again be routed through the secure tokenization gateway, where the non-sensitive tokens will be revealed in the request to the card payment processor. The card payment processor then retokenizes the sensitive card data and completes the request. If successful, you will then receive a response indicating that the card was successfully registered. The response for this endpoint does not contain the card PAN (only the last 4 digits) and does not require tokenization. In this way, connectFi can ensure that sensitive card PANs and similar sensitive data elements are never stored in our system, nor are they handled without either tokenization or encryption in order to maintain PCI compliance and to protect your customers' card data.

The visual below demonstrates how tokenization allows a customer (end-user) request containing sensitive payment data to be processed without ever being handled by you (the merchant) or by the connectFi API service.

Push Push

Tokenization of an /ibis/debit-card/add response

Likewise, when issuing new cards through endpoints such as /ibis/debit-card/add, the PAN of the newly issued debit card is never stored by connectFi, nor is it ever revealed in our system. Rather, once an /ibis/debit-card/add request has been validated and prepared for the card issuer, it is routed through the tokenization gateway. After processing the request, the response from the card issuer is returned back through the tokenization gateway, which replaces the card PAN with a non-sensitive token before the response enters our system. Upon exiting the connectFi system, the response will pass back through the tokenization gateway, which will reveal the sensitive card PAN in the response to your system. In order to maintain compliance, you (the merchant) are responsible for tokenization in your own system when handling unencrypted sensitive data elements, such as card PANs. Thus, the "revealed" response should be retokenized before entering your system and, finally, revealed to your end-user, to whom the card was issued.

Push Push