Token Migration Process

Token Migration Process

Introduction

Token migration is a complex process that requires a comprehensive understanding of payment data security and adherence to strict compliance standards. We, as a payment provider specializing in vertically integrated Software as a Service (SaaS) partners, are committed to making this process as seamless as possible for our partners. This document outlines the step-by-step procedure for migrating Primary Account Number (PAN) tokens, providing all the necessary support and guidance needed.

Process Overview

The migration process involves several key steps:

  1. Initiating the official request process with your existing provider.

  2. Confirming the destination is PCI L1 certified, a requirement your current provider will stipulate.

  3. Providing necessary details based on your existing vendor's capabilities, such as Secure File Transfer Protocol (SFTP), Hypertext Transfer Protocol (HTTP), etc.

  4. Receiving the data, migrating it, and retaining your existing tokens or providing a token mapping for you.

Step-by-step Procedure

Step 1: Initiate Official Request with Existing Provider

Initiate the token migration process by formally requesting your existing provider. This step might involve filling out a form or sending an official request email, depending on your provider's policies and procedures. Make sure to specify your intentions and needs clearly, to avoid any potential misunderstandings and delays.

Important information

Your existing processor will require PGP key to encrypt sensitive data. Please use the following PGP migration key.

PGP migration Key
-----BEGIN PGP PUBLIC KEY BLOCK-----

mQINBGcSxFwBEAC7gJ8IFJUZnjQQKyVb7dZloktINmQmOuyNxIuXQ8oOw6NHpgiu
CnyqccYK5eO3JqyZJKSf4b2ZHXEMs19NR6EUF7ejtyj4jr2fMGtwygczHhUfrGSl
TpHrfPd2g1gYCnwQsky25bhGvOxkdWL6vr5i7XoqAVxXTFtgh1Ar4DiOGP/CyYs4
FhAPNyyGa9hApVk72aj39nMp5Q1ACv2ZTz8nBo6WhRvH6V8EJDpdUFENIy73/2t3
8ldjOhB1HQHW90AvDeCimBtem2tzRFERO3XIzQw96I4+AZkgqsOjdAuG4HOi7D3w
OtGYc97nE6lVOaEiYewsWjl1Yx2vr2TTNeXGgc8g95odis6weUv2UCCHEgS5LOnV
VnjNSSMbW9JriA9/5Wi1UKVDsQthSevHD7dhxjidtrSs62D5999sOnFcXZhbqLUX
icK+RrMmBQhka3rRlOEiXpdKhZ7FwF4a/bxnVzdkrEA4+eiCmyJXQLjQpMSOGGJE
bxXOFTrpahJv5oiWWk+qGojKZNe79Ma0fTR4b/ljzBqHUbIWkkKJxEuF/MHVnF1B
oatEKJUZToKHnekX/xF1wIFvMwgaon9GofVKOIwwLq3wndaF98iygrlEPmGoOEPy
fzLWBPN07W5IUB+R2H0VwZo7HeId/pYr62qfr/CsvbyzTuyqLQOX9TfCIQARAQAB
tGRwYXllbmdpbmUgdG9rZW4gaW1wb3J0IChwbGF0Zm9ybSBmYWN0b3J5IHRva2Vu
IG1pZ3JhdGlvbiBrZXkpIDxzdXBwb3J0LW1pZ3JhdGlvbkBwbGF0Zm9ybWZhY3Rv
cnkuaW8+iQJOBBMBCAA4FiEEBE2oIk/O+m/LPgQ/N1mUruA5HcEFAmcSxFwCGwMF
CwkIBwIGFQoJCAsCBBYCAwECHgECF4AACgkQN1mUruA5HcFiZQ/6AvQdlIIFWrWh
C9X8Uo/LsyxpsTOpaMHnKD7rstSV0skDXKaH0wcEaDdbT7g9ylwJQG116SuYwG0w
cfe5Wqxb0C43XFWIgeHMuF+uMQePhrOpuZuAoWqNW1sUnh3uT7qPHnQXP2Vgdm+M
uz0oFinOGhCy1sSxQXPk9VePLUqaujNZs0+nyHak9jJtX9wSCRMaEia36kgMzgtM
pHxyt9l8GzinqiYT2dvmbtoPLkFCsAOw5hAg6mvBvoR4TriABzaBX4EkvCvfCP5X
EkgnoIqOUc+ENoXUQwtsJpns2H09c/Ek8fZ2M+IYWGndxpeF1btqb3tdPjQHsJ3I
EUs2WQ7AX4J4VI3Jcz6JfSyI2kRM3lLL5x3+anmkN+IxEmKGSGZecAOTSUClmtef
GujJ+l0QMqBRPpFEORhnd/J4ccB7vlFyU4VL9wLZuKx8ekdl8eWekCh/iCruCPC2
DLPmZnHU6bTbpUabJObsZrRCsoCBZUXVGgjV2x72q43b8YnAqSZu+WwVqfDFqxkc
SoI704N7Stu4UMa5h58o/wXOrYuVLDCjYCcdC/4WPJPv4U8dgS92IVIrM3TtZPib
SVifxOBZtikRkMa+jNJlbzokA1xKUB/+Mb+JwvqxlJSzJb9Eq+mtUhVxiPq50r9U
iB3CKYPRWolxCgIJzgYCfRPOYmuWJtS5Ag0EZxLEXAEQALWJo4r00H6/UFbLkziN
17Bk1oENz/e9JoiRxo5gPsw8QMNeLWCHnfKtw3ZjqqqBnX/7B1pD1X5jgSEuwhWp
lgx9xKNdA2OwAKDIxdx3AEusQOfHkkFnZSXPmFYkSYkJIjbXVVk4koVn/YJcGCN1
YJ+8sCShXjzWD7wYwQtAy3u8jLxTHl0iXxmN7FVcupttpU2MAhVPg+6xESUkeRGW
nt1j4oo6Y8NAo7C1uT0A6xaCxWqT0Qf0CtVnNNXQsJnvuve2TAPRorNnSmYRVDeX
Hmvd3iqQz4LJM6o6EFqZWURbK4CMSiZ78LQxdKvxvntrXs6u5a74TZ8rYls06Dba
+P7VmpGrf63MN81qBoK2AcIJoXRq3xru01ZiQk+3LDuuE8LhPwrzrafAIMJBKCu7
vl9uzkmB8Vg5+xVtXkunvgjGxPp2Awy4wAFSO4MBPlNWZ0jTOGJQ8gt+MblYFRyN
HVbj7cG9i9Xz3kG8dMIOohaAUtOJFlpSrAsB5VHys7ymHbeol2jYTW5NNk4cb+zZ
S2cldI07tsynvYV1tcF0W8zRgwR1HRARVRVxWrFNVjGZMUWq6NxaLEPs9zgIKGEX
cQ9zFm83zvnmhK8p25LnTr8R3DfxkRNqCjHTYDnJe0YeA1LKyl/D16akcSdqgSNA
/6XTOcGzaTGYRmT30TZC7FBzABEBAAGJAjYEGAEIACAWIQQETagiT876b8s+BD83
WZSu4DkdwQUCZxLEXAIbDAAKCRA3WZSu4DkdwVjTEACQXI1xVabNCK95tPtdgz/1
EOPSXaaxiRANHdRt5lr5JSvVPeyL9Eh1rd2y7Dc3EStTYmIFkN9utG6pvhyvri3u
t6cHRja+xHrwqhZGUc7u+uH1wBI8v3CHj0bLDxDyJ8EmyUlZsA9cU3uNI1Y/uukP
jiGuxAnsuKk07cYYK7+VvtFVrd8i8r/FYOjrfmr1vk3tIsQw3Wsd1uHUDRIM7F3d
mg3HWeaPV/bm0yytnYRHWK91Ti9pOOGZ9ndB0he56ljhnt84f7LiJnXW5xEEjVFK
8svtI7ho9VfdzoB3tCloj8FMmvq5NTLUl1q/cEl5CAyK6z59gWm/sUVc8g7PuleM
3lFL0SyQoCVH0a8LZ1OUh5DiZEE7A+BlHZVGaiz0dZhhVaYr9OmDGm4RAYrx6j1S
NzjSu/8IQDFqtrLoDe2/kSsKcyeiEDRFKSvpszq5VyMKCRbFJDSplTqyy+7EYSxp
IfAW2rk4hMCMti0FV9w82hhkuZzHgO/k9EbabMloa5gJdCtAgApNx8EOunRYEzeY
6FldsoQq4W3weFRKU7vvQLd+4VUThHe9BR/fDvk8NchDqV5ASWYzW/bqtRMgZF9b
q4FKzABB3i73GBClzeP1N35hfvNKAUP67+jjasQqAYfG22YnkHBrEob+r5IH7EYe
2YPYhRhluv9gfm3ax8wA4w==
=/8oo
-----END PGP PUBLIC KEY BLOCK-----

Key type: RSA 4096 bits

Figerprint: 044D A822 4FCE FA6F CB3E 043F 3759 94AE E039 1DC1

User ID: support-migration@platformfactory.io

Platform Factory (PayEngine) is a PCI DSS Level 1 certified entity. You can access our Visa service provider registry entry here

Step 2: Confirm PCI L1 Certified Destination

Your existing provider will require that the destination of the token migration be PCI DSS Level 1 certified. We, as your new provider, are fully PCI DSS Level 1 compliant. Once you receive this request from your existing provider, please forward it to us. We will then provide all the necessary documentation and information required by your existing provider to prove the PCI L1 certification status of our systems. This ensures that we adhere to the strictest security standards, protecting sensitive cardholder data.

Step 3: Provide Necessary Details Based on Existing Vendor's Capabilities

Depending on your existing provider's capabilities, they may require certain details to initiate the token migration. This could include the preferred method of transfer (e.g., SFTP, HTTP), our server details, and authentication credentials. When your existing provider requests this information, kindly forward the request to us. We will promptly provide all the necessary information based on your existing provider's requirements.

Step 4: Data Receipt and Migration

Once we receive the token data from your existing provider, we will initiate the migration process. This process involves validating the data, ensuring integrity, and moving the tokens into our secure systems. We will then conduct rigorous testing to ensure that all migrated tokens are functioning as expected.

Step 5: Retain Existing Tokens or Provide Token Mapping

We can retain your existing token identifiers or provide a token mapping based on your preference. Retaining existing tokens can facilitate the transition, particularly if your systems or processes are designed around specific token identifiers. Alternatively, we can provide a token mapping that maps your existing token identifiers to new ones in our system. This can provide an additional layer of security and can be beneficial if you're looking to restructure your token identifiers as part of the migration.

Conclusion

Through this document, we have outlined the intricate process of PAN token migration. The process, while complex, is designed to ensure a seamless transition, minimal disruption to your operations, and the highest levels of security and compliance. We understand the importance of this transition for your business and are committed to providing you with all the support you need throughout this process. Should you have any questions or require further clarification on any step in this process, please do not hesitate to contact us. Your trust and satisfaction are our top priority.

PreviousAutomatic Network TokenizationNextRetrieval Requests & Chargebacks

Last updated