On this episode of Payments Dialog, we provide an overview of Network Tokenization and how it fits into an organization's Revenue Optimization strategy.

We interview Clay Hefner, product manager at Spreedly who provides us with real-world examples of how Network Tokenization is used and answers questions like, "How can I have better success rates?" And "How can I reduce my fraud burden?" And "How can I improve my customer experience?" All with a goal of optimizing revenue.

Questions about your Revenue Optimization strategy and how Spreedly can help with Payments Orchestration? Reach out to us here.

Rough transcript of Payments Dialog:

Peter Mollins:

Hi, everybody. This is Peter Mollins with Spreedly. A great pleasure to be back with you for another edition of Payments Dialogue. Today I'm joined by Clay Hefner who's product manager over at Spreedly. Clay, welcome to the discussion.

Clay Hefner:

Thanks. It's good to be back.

Peter Mollins:

Excellent. Well, we're going to have another good chat today, I know that. And today we're actually talking about network tokenization, which is an important topic for reducing fraud and improving success rates in general. Love to dive in a little bit. But before we do though, just want to get a bit more about your background, for those folks that might not have seen you in some of the previous sessions we've had.

Clay Hefner:

Yeah, yeah. So I've been here with Spreedly for about a year, focused on a lot of our payment methods. So the vaulting team is what we call it here. Apple Pays, Google Pays, accepting credit cards, things of that nature. My main core focus. Previously, I was on the merchant side, worked for a company called McClatchy, handling their subscriptions and payments [inaudible 00:01:05] really.

Peter Mollins:

Okay, terrific. So the context for network tokenization that we're going to be going in. For Spreedly we fit that under this broader notion of revenue optimization. And maybe you can describe just for listeners what revenue optimization is and maybe how it fits into this broader notion of payments orchestration?

Clay Hefner:

Yeah, absolutely. I think in order to understand revenue optimization you briefly have to touch on revenue enablement. So what is revenue enablement? It's just kind of the core basis of being able to accept payment methods and make transactions. Very much bread and butter. A lot of industry does this. So once you have that as your foundation, then you really want to start optimizing your payments. So when you think about RO, it's really about how can I have better success rates? How can I reduce my fraud burden, which ultimately saves me money? And how can I just have this better customer experience, which once again should translate into more successful transactions, which translates into optimizing your revenue. Just essentially bringing more profits back to your company.

Peter Mollins:

Okay. Terrific. So when you think about revenue optimization and how Spreedly offers it, what are the kind of the components of optimization, if you we were to start breaking it down into its constituent parts?

Clay Hefner:

Yeah. So I would say the foundation it's something that we've been doing for a while is really like account updater. So if you have a card on file and let's say it gets a new card number, the expiration date is updated. You want to keep that up to date, right? And that's something that we've offered for a while and will continue to offer. A little bit of foreshadowing that maybe the next evolution on top of that is network tokenization. It's this next evolution of keeping those cards on file up to date, but also more secure. And then I also think the other piece with RO is making sure that you're routing your transactions appropriately. So once again, you try to optimize the authorization rate, making sure that you've got the best chance of that authorization in that transaction actually happening. So I call that smart routing.

Peter Mollins:

Okay, great. So we've got these three elements here. We've got account updater, we've got the next generation of account updater if you will as network tokenization, and we've got this notion of smart routing. What were the kind of the benefits, the business values that a company gets by implementing this notion of optimization?

Clay Hefner:

Yeah. So I think the benefits really go back into a couple of key areas. First is increased authorization rates. So once again, if your cards are up to date, if your payment methods more generally are up to date and they're being routed appropriately, you're going to have higher authorization rates. Also, I briefly touched on it. I think if you optimize your checkout experience and your account management experience, let's just use the umbrella term, like customer experience in general, you're going to have happier customers and you're going to have less churn. And the last piece I think is once again it's like that fraud reduction. Like, can you keep everything secure? Can you make sure not only that it's secure from your servers or maybe your payment provider server, just make the whole ecosystem more secure. Remove that risk because they're just like billions of dollars that are paid out annually because of fraud. Let's just remove that.

Peter Mollins:

Okay, great. And I know we're going to get in a little more detail into how network tokenization does reduce fraud and improve success rates. And even just to put everyone on tenterhooks, we're going to even hear a little bit about some of the improved success rates and what we're seeing in the industry. So, that will be pretty exciting to get into. So, but before we do, we have to get a notion of what this network tokenization is. It sounds impressive, but what is network tokenization at its core?

Clay Hefner:

Yeah. So, if I had to say it in a sentence. A network token is a credit card PAN alternative that is merchant specific. It looks very much similar to the PAN, it's 16 digits, but it's this payment method that can securely be transferred throughout the ecosystem. So if maybe like the PCI token aspect of it just makes it secure from your server to say your payment service provider like Spreedly, this network token is secure throughout the whole ecosystem and it's merchant specific.

Peter Mollins:

Okay. Now this came out of a broad industry initiative, didn't it? The card networks, Visa, MasterCard, et cetera, they were working together. So maybe, can you tell me a bit of how this came together?

Clay Hefner:

Yeah. And actually it's kind of a cool story. So when you think about the proliferation of mobile devices, it really kind of picked up in the early aughts, right? Or may maybe the aughts isn't right. Probably call it like 2009, 2010. And you know, the big card networks got together because they realized these card not present transactions were really going to pick up. So for most folks, they're probably pretty familiar, most of our credit cards nowadays have the chip enabled on it. And when the card networks introduced the chip, and that's been around for quite a while, their purpose there was to reduce fraud at the till. If your card doesn't have that chip, which is much harder to reproduce from say our old cards that just had the magnetic swipe, but the chip really reduced the fraud at the till.

Clay Hefner:

So they got together in 2010 and said, "How do we do this for mobile transactions?" And really the introduction was the standard payment tokenization. The first standard came out in about 2014 I believe, mostly focused on like your Apple Pays, your Google Pays of the world, those mobile transactions through near-field communication. So when we talk network tokens and we talk cryptograms, there's a lot that's intertwined with that because network tokenization is for e-commerce, which was introduced in 2017 is kind of like the version two of that. How do we take our e-commerce transactions and really reduce the fraud implications, make the whole ecosystem more secure? So payment tokenization was really their solution for that.

Peter Mollins:

Okay, great. And so we touched on fraud and success rates, anything else that you want to highlight in terms of business value of why merchants should get excited? Merchants platforms, marketplaces, digital businesses in general, why they should get so excited about network tokenization?

Clay Hefner:

Yeah. I think there's two things that I haven't mentioned. Once again, coming from the merchant side of the house. Account updater has been around for a while, right? Making sure you get those updates to the payment method has been around, it's not new. But it's not perfect either. It is very reactive. You either have to run those on a periodic cycle, or you have to wait for say a transaction to fail, and then you run it and realize the card has actually been up to date. Network tokens actually, because they're issued in partnership with issuing banks are pushed what are called life cycle management updates.

Clay Hefner:

So think of it this way, the token itself is evergreen. Let's say a new expiration date or an even like a new card number is issued. The token and whoever has that token actually receives those updates from the issuing banks, from the card networks directly. So Peter, if you were to have say a token with my business, I would actually get those updates and say, "Hey, Peter, just to update you. I now have your latest four on file. And I also have your latest expiration date." Which is great, because me as the merchant, I don't have to worry about you churning because your payment is no longer valid.

Clay Hefner:

You as the customer have a better customer experience, because you don't have to worry about actually going in and manually typing, and the mental fatigue of just all the different places we keep our cards. So there's really a huge customer benefit there. And along with that, along with those lifecycle management updates, they can also push detailed card art, which as kind of a UI nerd I think is really cool. The card that's in your wallet can actually be in your account page too.

Peter Mollins:

Oh wow.

Clay Hefner:

So, yeah. So when I have my Mickey Mouse card, I can actually see it there inside of my account page. And I don't know, it just creates this affinity, this trust that like, "Hey, they have right card on file for me."

Peter Mollins:

That's great. So this idea of evergreen for the card itself, that must be incredibly exciting for companies that use subscriptions, for companies that expect and try to encourage repeat business, like with stored cards. So that must be incredibly exciting for all those kinds of companies.

Clay Hefner:

Yeah. I really think anywhere where you've got recurring payments, network tokens really make sense. I hate to harp on COVID it's the topic du jour. But you know, when you think about quick serve restaurants and like order ahead, and even like, I think that will probably extend into retail too. This is a perfect opportunity to take advantage of that. Like let the customers securely store their card, tokenize it and get all those benefits. It's just a really good benefit for both the merchant and for the customer that's keeping their card on file.

Peter Mollins:

Yeah. I got to imagine, like having that card art, the better trust, not having to re-enter your card. The fact that there's, it sounds like, I know we're going to talk a little bit more about this, but reduced fraud. All those things, at the end higher success rates. I mean, all those things combined together to mean just a better customer experience in general for someone, for our customer.

Clay Hefner:

Yeah, absolutely.

Peter Mollins:

So let's talk a bit more detail about first off, how does NT or tokenization, how does it actually reduce fraud?

Clay Hefner:

Yeah. So network tokens are either device specific or they're merchant specific. So I'll briefly with like the device specific. When I was talking earlier about the 2014 version of tokenization. You know, when you make that Apple Pay transaction, you're getting a token that is specific to your phone, right? So the next evolution of that was to make that work for e-commerce, and the way they did that was by making the tokens merchant specific. So let's say, Peter, you and I have two different businesses, but we have a common customer. If that customer brings their card and it keeps it on file with us and we're both leveraging network tokens, while the customer only has like a single raw PAN number, you get a network token and I get a network token. So now we know that the tokens are merchant specific.

Clay Hefner:

And in the case of a breach, and I'll pick on you here, let's say that your database is breached. My token is not affected. They'll just freeze your network token. So my recurring transactions still happen, even while say the data breach is being resolved and new tokens are being issued for you on your side. So the merchant specific piece helps with the fraud reduction. But layered on top of that, network tokens also have what's called a cryptogram. It's one-time use, it's procedurally generated. So really hard for hackers to say like produce their own. So once again, I'm going to pick on you, but let's say you do have that data breach. The network token itself isn't valuable without the cryptogram and really only your payment service provider can generate that cryptogram for you. So even if the hacker has run off with all your customer's network tokens, those tokens can be frozen, reissued to you, and the hacker still can't do anything if they were still valid, because he would need that cryptogram as well.

Peter Mollins:

Okay. So I imagine that that reduction in fraud also has a benefit, higher supports, higher success rates I imagine?

Clay Hefner:

Yeah. So the higher success rates, I will say the common thread there is the network tokens are inherently more trusted, and the reason being is when the token itself is generated, it's generated in partnership with the issuing bank. So the bank is aware of who the merchant is. They're aware of the customer, there's that associated relationship inherently like in that token itself. So ultimately when the transaction happens, once again, along with this cryptogram, the issuing bank has kind of like done this due diligence right upfront. So now the acquiring bank actually has this inherent trust with the network token. I guess maybe some foreshadowing, but ultimately what this boils down to from like a merchant benefit, Visa has released a study that shows that there's about a 3.2% authorization success rate lift when using network tokens, really in comparison to your more traditional just raw PAN transactions.

Peter Mollins:

Right, that's incredible. And when you think about merchants often are struggling, battling for a 10th of a percent of the increase, and I've been to conferences where someone went up and presented some very sophisticated work they'd done to just get a quarter percent improvement. And there was just incredible excitement when they did get that. And so to think over 3%, that's phenomenal.

Clay Hefner:

Yeah. Especially when you start talking about that at scale, that's a huge impact to the bottom line of the business. And I think neatly fits in with that revenue optimization piece that we were talking about earlier.

Peter Mollins:

Right, it does sound like it's a core part of that. I know we'll probably come back and talk about smart routing in a future episode. But it sounds like they play very well together those two elements.

Clay Hefner:

They do. I think they're sort of different elements, but they certainly pair together and support one another.

Peter Mollins:

Great, great. So if tokens are tied to a specific merchant, does that actually limit the merchant's flexibility? I mean, obviously some great security fraud benefits, but what happens to their ability to adapt or change service providers for instance?

Clay Hefner:

Yeah. So the tokens, while they are merchant specific, it really depends on how that merchant acquired the token. So if you think about it in 3D parts, network tokens have to have three pieces in order for it to work. The first is the token requester, that can happen in three different ways. The merchant themself could be the requester. Typically what we've seen in the industry so far today is like a payment service provider is the requester. Or you have a payments orchestrator like Spreedly be the requester. And I'm going to come back to that piece because I think it will tie it all together. The second piece that a merchant needs is what's called a TRID. That's a Token Requestor ID. And that's really what makes the token specific to them. Doesn't matter who the requester is, that TRID can be applied throughout.

Clay Hefner:

And then lastly, they need to have a payment service provider that will handle the transaction. Actually taking that network token, they've worked with the acquirers to pass it through. So where can there be flexibility? Where can there be inflexibility? Really inflexibility starts to come when your token is tied to a requester that really wants to keep it inside of a walled garden, right? So if you work with say a payment service provider and they allow you to request tokens and handle this token transactions through them, you get the benefits of network tokens, but really only for that payment service provider. Really where merchants can have the benefits of network token, some flexibility, is really when they start to have more control over the token itself and have this agnostic approach. And for us it's really, that's really core to our business.

Peter Mollins:

Yeah. Well, so you're touching on Spreedly as being this token requester. So maybe do you mind just explaining a bit more about how Spreedly addresses tokenization? Network tokenization?

Clay Hefner:

Yeah, I kind of set myself up for that. So if you think about it this way, right now Spreedly has ... For a long time we've offered a PCI tokenization inside of the central vault for our merchants. The next evolution of that with network tokens is we have done direct integrations with Visa and MasterCard. So for cards that are vaulted with Spreedly, we can acquire network tokens for those cards. What's great about this approach is you still keep one token, a Spreedly token that you have to manage. But then, depending on the gateway and their support of network tokens, and it goes back to my third piece, a gateway has to support your network token transaction, you have the choice of either routing the token itself or the underlying PAN.

Clay Hefner:

And I think that's a huge opportunity for merchants, because not all gateways are supporting network token transactions at this point. You know, it's been around, especially for e-commerce, since 2017. So, gateways and payment service providers are picking up adoption, and it's a great time to be using network tokens. But not everybody's there yet. So you know, I think some of the hesitation for merchants, especially if they want to have a multi-provider solution is they do want to have the network token, but in certain instances they still need that card on file. And our solution lets you use both.

Clay Hefner:

I think what we'll see over the long term is tokenization will proliferate throughout the industry for a lot of the reasons that we talked about. Security, the merchant benefits, the customer benefits and slowly that need for PAN will dissolve. But as it exists today, there's still the compelling cases to have both.

Peter Mollins:

Got it. Great. Well maybe can you put your crystal ball on the table and tell me what you see as being like a future for revenue optimization at Spreedly or maybe in general?

Clay Hefner:

Yeah, I think for revenue optimization, so things, if people are watching this to keep their thumb on the pulse, I think there's some interesting things that are happening with secure remote commerce. Network tokens I think are great for recurring transactions, but there is some inherent latency in getting that initial token. Remember, you have to go all the way to the issuing bank and back. I think secure remote commerce helps to play a role in solidifying that. It actually generates a token from the very first transaction. So all your transactions are secure, along with just some other one click benefits for customers. So I think that will be a piece of revenue optimization in the future.

Clay Hefner:

I also think when it comes to retry rules, retry rules for like failed transactions and how that works. There's some things that I've seen merchants do today that are pretty simple in terms of logic. I'm really going to be interested how machine learning and AI improves that. Like country, time of day, the size of the transaction. Like should we route it to another gateway? A lot of that just where we're at in terms of like machine learning and the amount of information that's coming into the ecosystem already. It's just a matter of time before we start the process that down and really make some intelligent tools. So I think that's going to be on the horizon as well in the industry.

Peter Mollins:

Got it. Well, terrific. Clay, this was a great chat, really enjoyed the opportunity to learn more about both network tokenization and revenue optimization in general and how Spreedly can help merchants platforms and marketplaces out there. So again, really enjoyed it and hopefully we'll be talking soon on another Payments Dialogue.

Clay Hefner:

Yeah, absolutely. If folks have questions, encourage you to reach out. Love to chat more.

Peter Mollins:

Sounds great. Clay, thanks.

Clay Hefner:

Thanks, Peter.