Latest Contact Centre News

How Tokenisation can Improve the Customer Experience

How using tokenisation can improve the customer experience offered by your contact centre

A customer’s experience (CX) when dealing with your contact centre can be the deciding factor in whether they continue to do business with you, or decide to switch to a competitor. Indeed, 73% of consumers say a good experience is key in influencing brand loyalties.

Increasingly, forward-thinking contact centres are putting their customers’ experience first. One way that customers’ experience can be improved when it comes to making payments is by using tokenisation, so in this blog, we are going to take a deep dive into tokenisation and how you can use it to help improve the experience that your customers receive.

What is tokenisation?

Tokenisation is the process of turning a piece of data into a string of characters (called a token) that has no meaningful value to anyone who views it. Tokens can take many forms; some can be random strings of characters, some will look like card numbers and pass Luhn checks, and some may be ‘format preserving’, for example, the last 4 digits may match those of the credit card.

Tokenisation and encryption are often treated as the same but in fact, there is one key difference. Unlike encrypted data, tokenised data is undecipherable and irreversible, whereas to reverse encrypted data you just need the encryption key. Because there is no mathematical relationship between the token and the original number, tokens can only be returned to their original form by the issuer of the token.

Tokenisation uses a database called a token vault, which stores the relationship between the sensitive piece of data and the token. Tokens can be single-use for a one-time transaction or used for recurring transactions.

Tokenisation is often used for securing payment card details but more and more often, tokens are being used to secure other types of personal and sensitive data including telephone numbers, email addresses, social security numbers, bank routing/account numbers – any data where security is paramount.

When tokenisation is used in a contact center for payments, the information that is tokenised is invisible and inaccessible to your contact centre agents (or anyone else) in the event of a data breach and because you are not storing payment card data, your systems are no longer in-scope for PCI DSS.

How does tokenisation work in practice?

When your contact centre agents are taking payment and the customer provides their credit/debit card details, the real card number (PAN) is replaced with a randomly generated token.

The token is sent across your networks to your payment/tokenisation gateway, where it is converted back to its original form and submitted for processing.  Your customer’s debit/credit card information is securely stored in the token vault. This vault is the only component that can map the token back to the related payment data.

When using a token for processing a recurring credit card payment the token is submitted to the vault and the index is used to retrieve the real value for use in the authorization process. To your customer, this operation is performed seamlessly and instantaneously.

More than a security measure – tokenisation opens the door to fast and hassle-free checkout experiences

So, the big question is, how can you use tokenisation to improve your customer’s experience?

The goal of most merchants these days is to provide a personal, frictionless omnichannel experience for their customers.

Customers expect fast and easy service and entering payment details for each payment can be inconvenient. When using tokenisation, customers will only need to provide their payment card data once, offering maximum convenience and helping to reduce the number of ‘abandoned’ transactions, particularly for online purchases.

Using CardEasy in your contact center alongside tokenisation ensures that when your customers provide their payment data, it is never heard by your contact centre agents and never enters your environment, protecting your customers’ sensitive data and removing your environment from the scope of PCI DSS. CardEasy allows you to tokenize payment card data without being exposed to it in the first place.

Using a tokenisation service ensures that your customers only have to provide their payment data once, giving them maximum convenience as well as data security.



Syntec’s CardEasy solution enables you to take card payments in your contact centres and by remote workers without the customer’s card details ever entering your own environment or systems. Whether you take payments by phone or via digital channels such as e-mail, SMS  webchat or social media, you can’t be at risk of a breach of the card payment data because you’ll no longer be privy to that data – and you will also be seen to have adopted ‘appropriate technical measures’ to be compliant, as required by the PCI DSS standards.  And most importantly, you won’t be faced with the never-ending task of trying to keep that very sensitive customer data secure.

For additional information on Syntec view their Company Profile

Image thanks to Jabra UK