What is Tokenization
Tokenization or stored card feature is a method to replace sensitive data like credit card details with
non-sensitive data. Whenever card is stored in 2C2P system payment API returns card token to merchant. This card token can be used in subsequent payment request. This allows merchant to build shopping experience where customer don’t need to enter card information every time during checkout.
Using 2C2P Tokenization merchant does not require complex and time consuming PCI-DSS certification process. All the sensitive information is only at 2C2P with most advance security and PCI-DSS compliance.
How does it work
The merchant initially send a normal payment request with indicator to tokenize the card details.
In the payment response message 2C2P sends a random string of alphanumerical characters that represent the card details.
This Token can be stored in merchant database and can be used for later transactions. In subsequent payment request merchant does not require send card number at all. Stored card token presents card number what is sent in payment request.
Enable / Disable 3DS
What is 3D-Secure
3D-Secure is authentication protocol for e-commerce transaction where card is not present on time of the purchase. Initially developed by VISA and known as Verified by VISA. 3D-Secure is adapted by all the major card schemes such as MasterCard, Amex, JCB and Discovery.
Merchant customers with 3D-Secure enabled credit/debit card will be redirected to bank website to complete authentication. Typically cardholder enter OTP (One-Time-Password) in bank website to authenticate as genuine holder of the card that is being used.
After authentication process is done the user is redirected back to 2C2P payment gateway with authentication result.
- Prevent fraudulent use of credit/debit cards in online payments
- Increase customer confidence in online payments with 3D-Secure merchant
- Protect merchant on chargeback cases with liability shift when 3D-Secure authentication is used
See a simplified process flow for 3D-Secure transactions below:
By default, transaction going through Redirect API are 3D-Secure enabled. 3D-Secure shift liability from merchant to the issuer in case there are fraud cases.
However, on certain condition, merchant might want to disable 3D-Secure, which can be done by setting 'request_3ds' parameter to be 'N'.
Payment Channel Options
2C2P Redirect API allows merchant to choose specific payment channels the customers are allowed to make payment with.
Items with big ticket size are allowed to be paid with IPP (Installment Payment Plan),
while smaller ticket size item are allowed to be paid only with Cash / ATM Transfer / iBanking,
and item that is time sensitive can only be paid with Credit / Debit card.
All of the above can be easily done with 2C2P Redirect API.
Available Channels Options
|Option code||Option description|
|A||All available options|
|B||Credit card and installment payment only|
|C||Credit card payment only|
|F||Full amount (No IPP Payment) payment only|
|I||IPP (Installment Payment Plan) payment only|
|K||KCP payment only|
|L||Alipay payment only|
|M||MPU payment only|
|P||PayPal payment only|
|U||UnionPay payment only|
|W||Wechat payment only|
|1||APM (Alternative Payment Method) payment only|
Available card brands and e-wallet
|DISCOVER||CUP / UPOP||MPU||ALIPAY||WECHAT PAY|
Available APM (Alternative Payment Methods)
2C2P works with more than 100 partners covering 320,000 physical payment location across SEA in a rapidly growing network.
|OVER-THE-COUNTER||BANK COUNTER||POST OFFICE COUNTER|
|ONLINE DIRECT DEBIT||WEBPAY||MBANKING|