A. Available documentation

• Article the merchant can see: https://help.rocketgate.com/a/solutions/articles/28000026937?portalId=28000007151 
• Internal Wrike for setup: https://www.wrike.com/workspace.htm?acc=406828#folder/1250702192/list?filters=status%3Dactive&showDescendants=0&sidePanelItemId=1250701789&sortOrder=10&spaceId=-1&viewId=229466133
• Internal training given in August 3rd, 2023: https://docs.google.com/presentation/d/18vkfyYUkf-r2l4U4cLLN3EK1tJwAZ1_r26LcezBeFl4/edit?usp=sharing 
• 
  

B. Additional information for internal use 

(some copy pasting from the above to make it simpler for internal teams)

What token are we talking about?

Token is a widely used term. Here we speak about VISA / Mastercard using a combination of “PAN + Merchant” to create a Network token that can be used for subsequent transactions, for ONE merchant only. Merchant in this context means the company, the legal entity, and can have multiple accounts at different banks. Not the account.

How does it work?

1. When someone joins for the first time, before processing the payment, RocketGate will get a Network Token (NT) and a cryptogram. The Network Token is permanent. The Cryptogram is to be on one transaction only. The NT and the Cryptogram will be used instead of the full PAN.

2. Subsequent transactions:

2.1 For MIT transaction (recurring and unscheduled like post-paid), only the NT is (re)-used.

2.2 For MIT transaction, the NT is (re)-used + a new cryptogram needs to be requested

• PAN remains mandatory, and us used as a fallback is NT cannot be used for any reason
• Network token is under PCI scope

Notes:

The feature works for the following business models:

• One-time sales
• Unscheduled MIT with Network Token available in card-on-file.
• Subscription model - join and rebill. Similarly to Unscheduled MIT, rebill will be processed with Network Token if it's available in card-on-file. 

If the processor supports the feature, RocketGate will always process the transaction with the token first. If the transaction is declined, RocketGate will automatically re-attempt the transaction with the PAN. This does not require a mercant option. 

The feature is not supported on:

• Xsell (one-time sale or subscription)
• Rebills which are sent as upsell.  

The benefits

• Higher approval rate, expecting around 2,1%
• Lower transaction fees at the acquirer, for example VISA NT transactions will be 10bps lower
• Reduce Fraud, VISA claims a 26% decline in Fraud
• Ref:  https://www.carat.fiserv.com/en-us/resources/network-token-benefits/
• https://www.checkout.com/blog/network-tokens-explained 

The Compliance part

• Mastercard calls this the SCOF (Secure Card On File) using the MDES framework - AN 6996 and AN 8181
  • Due date: May 1st, 2024
  • Assessment (fees): June 30, 2024
• VISA Secure Credential Framework AI 12435
  • Due Date  +fees: October 1st, 2023

Billing structure

• Network Token cost is in addition to the transaction cost, just like 3DS
• RocketGate bills per "Network Token event" :
  • Creation of a Network Token - success and decline
  • Creation of a Cryptogram - success and decline

How to enroll a merchant

- Merchant needs to contact support@rocketgate.com, then our Support team will follow the Wrike https://www.wrike.com/workspace.htm?acc=406828#folder/1250702192/list?filters=status%3Dactive&showDescendants=0&sidePanelItemId=1250701789&sortOrder=10&spaceId=-1&viewId=229466133

How to configure a merchant to go live

- Merchant decides which accounts and/or sites to use first

- RocketGate configures it

- Merchant has nothing to do on their side

Who can use it?

- All merchants. Industry does not matter. Integration does not matter.

Any development required by the merchant

- NO

- Optional:  RocketGate Transaction History API has the flag "PAN / Token", the merchant can use it if they'd like.

RocketGate readiness