Across every area of any business, when it comes to handling sensitive information such as consumer data, payment security is paramount. The restaurant and hospitality industry (including QSR businesses) is certainly no exception. Between growing concerns over security and changing legislation around compliance (such as the General Data Protection Regulation (GDPR) related to data protection in the EU), many restaurants and fast-food establishments now rely on tokenisation to keep sensitive information secure by turning private material – such as payment details – into virtual tokens.
By Dusty Miller, Head of Direct Sales at Worldline
The tokenisation phenomenon is part of a relatively recent, yet seismic, industry shift towards cloud computing. Businesses are increasingly enjoying the convenience of gaining speedy and easy access to consumer files, irrespective of where they might be. Cloud-based systems are also much more cost effective in terms of labor, operational and maintenance expenses. But, as the world shifts further towards total digitisation, the challenges around mitigating fraud and protecting payment data have increased. That is where tokenisation comes in, by replacing consumer information with secure tokens that protect it from being hacked. At a basic level, this means that if someone were to fraudulently gain access to a token, it would have no intrinsic value and, essentially, would be meaningless in the wrong hands.
Tokenisation – a layman’s guide
Simply put, tokenisation is a measure that is designed to protect all the data related to sensitive payment credentials. These details might include:
- Credit card numbers
- Cardholder names
- Expiration dates
- CVV codes
- Bank account numbers
Tokenisation achieves this by substituting payment data with non-specific IDs known as “tokens.” Each token is then randomly generated when a consumer supplies their payment information at the point of sale. Thus, tokenisation is an example of blockchain technology. By design, there is no link between the user’s payment details and the resulting tokens.
For example, a credit card number could be converted into a much shorter yet still totally random tokenised value. In other words, the consumer’s sensitive financial information is unreadable by anyone else, including the merchant. Tokenisation also allows the merchant to securely store payment details, for internal tracking and reporting purposes.
While payment details are often thought of as the Holy Grail for fraudsters, other data is becoming increasingly attractive to criminals for other purposes, such as ID theft. Furthermore, tokenisation can counteract these additional risks because it can be used to anonymise and protect any type of personal information such as names and ID numbers.
Not here just for the consumer – merchants and the wider QSR industry benefit too
Fundamentally, tokenisation is a fraud prevention and management tool. But it has multiple other benefits. In a world where efficiency is king, tokenisation also acts as a way of tailoring consumer actions and preserving convenience as part of the omnichannel experience, by removing the burden of repeatedly verifying one’s identity and entering credentials, each time.
Meanwhile, data mining continuously provides a wide array of optimisation and performance statistics that merchants can leverage, leading to an increased understanding of consumer journeys — and ultimately, better buyer experiences.
Enhancing loyalty forms an important part of the creation of a better consumer experience. This also matters for merchants, as ensuring loyalty encourages client retention. Tokenisation, and the blockchain technology behind it, solves many of the traditional friction points that consumers face, such as juggling multiple cards or passwords for different accounts. Instead, they can use loyalty tokens that are interchangeable between diverse programs and don’t lose value over time because of expiration dates etc. This ensures that the customer can maintain their loyalty to a variety of brands concurrently.
Trust is King
While tokenisation has become a hot industry trend, consumers are not necessarily engaged with its functionality. Instead, they crave the peace of mind that their personal information and identity is protected, that they can trust their favourite QSR brands and that they won’t become the next unwitting victim of fraud.
When it comes to success, consumer trust is something that requires sustained investment, commitment and time but it can be easily lost through just one bad experience. By providing simple, secure, and cost-effective methods like tokenisation, merchants can better focus on their core business and continue developing strong personal relationships with their consumers to make them feel at ease.
Top tips for adopting tokenisation
The benefits of tokenisation are many but understanding where to start in terms of embedding it into your systems, can be perplexing. First and foremost, before making any decisions, it is important to engage with a payments provider who can clearly outline the options and solutions that are best suited to your needs and environment. As such, any such potential partner should be:
- Adaptable and flexible enough to allow for a seamless integration into your business, in a time effective and simple way
- Compliant with the Payment Card Industry Data Security Standard (PCI DSS), which is a set of security standards designed to ensure that all companies that accept, process, store or transmit credit card information maintain a secure environment
- Able to stress test and benchmark the proposed solution, to provide true reassurance around reliability and scalability.
If these relatively straightforward guidelines are followed and adhered to, you are well on your way to delivering an enhanced purchase experience to your customers while enhancing valuable loyalty and minimising the cost and debilitating effects of fraud and other security breaches.
Dusty Miller, Head of Retail Sales, Merchant Services at Worldline
Dusty has over 17 years’ experience working in payments. His customer-centric approach has been key in successfully leading sales and relationship teams across the whole payments spectrum from acquiring through to ecommerce and full omni-channel digital solutions. He has a keen interest in innovation and a passion for helping clients navigate the complexities of the ever-changing payments landscape.