Network Tokens

Last changes: 03-27-2023

Token Provisioning

Card schemes provide CardNetworkTokenization services by certified provider. A full PAN will be tokenized by a certified NTS (Network Token Service). The NTS keep the card details secure and provides services to decrypt the token / cryptogram for processing. A token works equal to the PAN, can only be detokenized by the token provider before the card details are used for processing.

The Tokenization API currently supports network tokenization through MasterCard and Visa.

The network tokenization solution uses the payment brand’s, and potentially other, token providers to tokenize card information in a way that allows the token to be used in payment transactions without the need to de-tokenize it before initiating payment processing. This same token is then used in any subsequent actions related to initial payment including clearing, settlement, refunds and dispute processing.

Process Flow

  1. Your server initializes a new Network Token provisioning by sending Create Network Token request to SmartPay API.
  2. Your server forwards the tokenId to your client for initialization of the SmartPay Network Tokenization SDK.
  3. The customer securely submits their payment information via the initialized Credit Card collection form which communicates to the Network Tokenization service for token provisioning and provides a JavaScript callback once finished.
  4. Your client triggers your server to verify whether the token provisioning was successful, based on the JavaScript callback, by calling the Get Network Token API and verifies its status.

Initiate Token Provisioning

Network token provisioning process starts with Crate Token API request with the following structure.



POST {Base URL}/network-tokens


Content-Type: application/json
Accept-Language: en-US

    "integrationFlow": "payment-form",
    "accountReferenceId": "7a854cb5-48c6-4a9c-955d-4eec5145bc6e",
    "accountCategory": "EWalletUser",
    "currencyCode": "EUR",
    "billingAddress": {
        "addressLine1": "259 Destiny View.",
        "addressLine2": "909 Deshaun Prairie",
        "city": "Independence",
        "countryCode": "DE",
        "number": "44",
        "postCode": "40233",
        "homePhone": "759146905"
    "shippingAddress": {
        "addressLine1": "759 London Path.",
        "city": "South Bryanastad",
        "countryCode": "DE",
        "number": "44",
        "postCode": "400606",
        "homePhone": "76374"
    "consumer": {
        "dateOfBirth": "1986-03-11",
        "title": "Mr",
        "mobilePhone": "838792",
        "culture": "de-DE",
        "firstName": "Kenyatta",
        "lastName": "Sawayn",
        "emailAddress": ""


    "tokenId": "687ee565-aea1-4d63-97dc-b9b02f0c9075",
    "createdAt": "2023-03-20T15:39:30.969Z",
    "updatedAt": "2023-03-20T15:39:30.969Z",
    "authorizationId": "4211a1cd-a868-471f-8158-965d8c96d891",
    "externalMerchantId": "9ff980b6-1fc6-4b61-9957-f8655b04cd9d",
    "status": "PENDING_PAYMENT_FORM"

Render Network Tokenization SDK for Card Data Collection

Our SmartPay SDKs are made up of light-weight libraries which allow to securely collect credit card details. This approach maintains a SAQ-A compliant payment-form solution while enabling you to build forward compatible experience which seamlessly combine your corporate identity with the required functionalities whilst adding some additional ancillary functions to ease integration.

Get Network Token Status

The Network Tokenization SDK as a result of form rendering returns the result of the token provisioning in promise object when the render function was executed. The promise can be handled by the integrator in order to do any additional steps. This should be the trigger for your server (backend) to call the Get Network Token API to verify the status of the provisioned token as depicted in the example below.



GET {Base URL}/network-tokens/{tokenId}


Content-Type: application/json
Accept-Language: en-US

Evaluate the response parameter "status" which should be:

  • "ACTIVE" if the token has been provisioned successfully and became available for payments
  • "ERROR" if the token provisioning has failed

Network token is returned in the field networkToken\tokenNumber. Can be used for cryptogram requesting during the payments.

tokenNumber, tokenReferenceIdentifier and tokenId must be stored for further requests or webhooks processing.