Skip to main content

Network Tokenisation in QuickStream

Tokenisation is the process of replacing personal data such as account details with a non-personal value (a token). This token can then be used for payment processing and transaction querying. QuickStream enables you to register and tokenise card and bank account details to securely store it in our QuickStream Vault.

The primary purpose of Tokenisation is to provide storage for card details and help your card receivables solution become PCI-DSS compliant. QuickStream, as a Tokenisation engine, has attained Level 1 PCIDSS compliance - the highest level achievable.

Interchange benefits

Both Visa and Mastercard may offer preferential interchange rates for tokenised transactions.

Increased transaction approval rates

Enhanced functionality linking token to an underlying payment account (PAR) rather than a "card" which means transactions will be successful even in case of customer's card number being replaced (lost/stolen or other reasons).

Increased transaction security

Tokenisation at a scheme-level increases security of the PAN. Proprietary tokenisation (QuickVault) is still required for merchants to help keep their current PCI-DSS status as scheme tokens are considered "PCI-DSS sensitive" same as PAN.

Minimal technical changes

Product build within QuickStream was done to minimize any changes for the merchant. Enabling Tokenisation in most cases should be a back-end enablement for their existing QuickStream facility.

How it works

A Token is a surrogate value that replaces the Primary Account Number (PAN) in the payment ecosystem. Tokenisation is the replacement of a consumer card's primary account number (PAN) with an alternative: an account token.

Network Tokenisation takes this further and replaces the PAN with a Digital Primary Account Number (DPAN). Visa and Mastercard verify the cardholder's information and provide a DPAN that can only be used by QuickStream for a single merchant. QuickStream is notified of changes to the underlying account, such as a stolen card or updated card details.

Network Tokenisation context diagram

Supported channels

Tokenisation can be completed via QuickStream and can be integrated into different registration scenarios. The registration scenarios that are supported via QuickStream:

Customer-initiated Web Registration

(QuickStream REST API and/or QuickVault Web Registration)

Your customer visits a webpage where they will enter their payment details to be tokenised and saved for potential future use.

Merchant-initiated Web Registration

(QuickStream REST API and/or QuickStream Portal)

Your staff get access to a portal or web interface to enter payment details on behalf of your customers to be tokenised and saved for potential future use.

Merchant-initiated Batch Registration

(QuickVault Batch Registration)

Your staff send a batch file with customer payment details which QuickStream will tokenise in bulk and return tokens to be saved for potential future use.

See also


The information contained in this publication is provided for learning purposes only and is subject to change. Revisions may be issued from time to time that encompass changes or additions to this module.

This is a guide only and it is not comprehensive. It does not impinge on or overrule any formal arrangement you may enter into with the Bank. The Bank and its officers shall not have any liability for any losses of any kind incurred in connection with any action, inaction or decision taken in reliance on the information herein or for any inaccuracies, errors or omissions. In this publication references to the "Bank" are to Westpac Banking Corporation ABN 33 007 457 141 and to any of its operating Divisions, including BankSA and St.George.