Omnitoken

An Omnitoken is a unique digital token generated within a Merchant's chain that enhances security and traceability for transactions. It serves as a secure substitute for sensitive payment information, ensuring safe and seamless transactions. For Referrers, enabling Omnitoken for their Merchant Portfolio offers increased security, streamlined transactions, and future-proofing capabilities. By utilizing Omnitoken, Referrers can provide their Merchants with a secure and efficient payment solution that aligns with industry standards and supports various payment technologies.

Enable the Omnitoken Service

To optimize your experience, make sure the following criteria is met:

  1. A triPOS-compatible, Omnitoken-enabled terminal is used (provided by KIF).

  2. Each relevant Merchant and Customer account is activated for Omnitoken.

  3. VCORE is used as the processing platform since Omnitoken exclusively works with the VCORE Express gateway.

  4. You are familiar with Worldpay Express Gateway APIs and Payrix APIs.

Our Omnitoken service effectively minimizes card exposure and data theft, reduces PCI scope, and boosts confidence in digital transactions. Omnitoken is beneficial across various industries, spanning from traditional physical stores to online payment processors requiring secure tokenization data storage, recurring subscription billing, or streamlined product pre-order payment processing. Let's explore how to enable the Omnitoken service through both the Portal and API methods.

Using the Portal

  • Step 1: Click Divisions in the left-hand navigation panel and access the profile for the Division (Referrer Portfolio) you’d like to enable.

  • Step 2: Click Parameters from the left-hand Division Profile menu.

  • Step 3: Click the Add Parameters button in the top right-hand corner.

  • Step 4: Click the Edit icon in the upper right corner and scroll to Omnitoken Enabled

  • Step 5: Toggle Omnitoken Enabled on and select Enabled from the drop-down.

  • Step 6: Click the Confirm icon in the upper right corner of the page to complete the process.

Result: The Referrer is now enabled to provide Omnitoken capabilities to their Merchants using compatible payment terminals.

Using the API

Parameters Headers

POST /parameters HTTP/1.1 Content-Type: application/json Accept: application/json APIKEY:{{apiKey or txnSessionKey}} Host: api-test.payrix.com

Available HTTP Methods

Available HTTP Methods

Create

POST /parameters

Retrieve All

GET /parameters

Retrieve by ID

GET /entityCustomFields/{id}

Update

PUT /parameters/{id}

Request Body

{ "login ": "t1_log_123abc4d567890efg1h2i34", "OmnitokenEnabled": "1", "inactive": 0, "frozen": 0 }

Tip: If you have an existing parameter configuration, you can use the PUT method to update it with the same request body.

View the full endpoint reference here.

  • You must be logged in to the Portal to access this endpoint reference.

Parameter

Type

Required

Description

Valid Values

Parameter

Type

Required

Description

Valid Values

login

ID

Required

The ID of the Login (User) enabling the Omnitoken parameter.

This field is stored as a text string.

Example Format:

t1_ent_123abc4d567890efg1h2i34

OmnitokenEnabled

Boolean

Required

Whether or not the Omnitoken feature is enabled.

Valid Values:

  • 0 - Disabled

  • 1 - Enabled

inactive

Boolean

Required

Whether this parameter configuration is marked as inactive.

Valid Values:

  • 0 - Active

  • 1 - Inactive

frozen

Boolean

Required

Whether this parameter configuration is marked as frozen.

Valid Values:

  • 0 - Not Frozen

  • 1 - Frozen

By using one of the methods above, your Merchant(s) will now automatically mint new Omnitokens when processing card payment terminal transactions, securely and seamlessly tokenizing customer payment methods, making them available for reuse in the future.

Activate Omnitokens

Once the Omnitoken parameter has been enabled for a Referrer and its subsequent Merchant portfolio (Division), the Omnitoken must be activated or “enabled” for each Merchant or Group. By activating Omnitokens, Referrers can ensure increased security measures, efficient payment processing, and future-proof tokenization capabilities for their Merchants. Let's explore how to activate Omnitokens through both the Portal and API methods.

Using the Portal

  • Step 1: Click Settings in the left-hand navigation panel to open the Settings page.

  • Step 2: Click Omnitoken, under the Value-Added Services section of the page.

  • Step 3: Click the Enable button next to the Merchant you’d like to Activate.

Result: The individual Merchant was enabled for Omnitoken providing the providing the ID, service, and date of enablement.

  • Step 1: Click Groups in the left-hand navigation panel to open the Groups page.

  • Step 2: Locate the group in the table and click on any information in the table row to open the Group Profile page.

  • Step 3: Click VALUE-ADDED SERVICE ENABLEMENT from the left-hand menu.

  • Step 4: Click the Add Service button in the upper-right corner.

  • Step 5: Select Omnitoken from the Value-Added Service dropdown, then click the Add button.

Result: The new Omnitoken enablement for the group will appear on the Value-Added Services Enablement page table, providing the ID, service, and date of enablement.

Using the API

Omnitokens Headers

POST /Omnitokens HTTP/1.1 Content-Type: application/json Accept: application/json APIKEY:{{apiKey or txnSessionKey}} Host: api-test.payrix.com

Available HTTP Methods

Available HTTP Methods

Create

POST /Omnitokens

Retrieve All

GET /Omnitokens

Retrieve by ID

GET /Omnitokens/{id}

Update

PUT /Omnitokens/{id}

Delete

DELETE /Omnitokens/{id}

ID Format

t1_otk_123abc4d567890efg1h2i34

Request Body

Parameter

Type

Required

Description

Valid Values

Parameter

Type

Required

Description

Valid Values

entity

ID

Required

The ID of the Entity that this Omnitoken is associated with.

This field is stored as a text string.

Example Format:

t1_ent_123abc4d567890efg1h2i34

platform

string

Required

The Platform to which an Omnitoken should be applied.

Valid Values:

VANTIV - Vantiv VAP

VCORE- Vantiv CORE

WORLDPAY - Worldpay Express

enablementDate

date-time

Optional

The date and time when an entity will be enabled for Omnitoken.

Format:

YYYY-MM-DD HH:MM:SS (UTC)

Example:

2024-03-29T21:26:55.016Z

inactive

Boolean

Required

Whether this resource is marked as inactive.

Valid Values:

  • 0 - Active

  • 1 - Inactive

frozen

Boolean

Required

Whether this resource is marked as frozen.

Valid Values:

  • 0 - Not Frozen

  • 1 - Frozen

Response Body

Parameter

Type

Description

Valid Values

Parameter

Type

Description

Valid Values

id

ID

The ID of the existing/ newly created Omnitoken

This field is stored as a text string.

Example Format:

t1_otk_123abc4d567890efg1h2i34

created

date-time

The date the Omnitoken was first created.

Format:

YYYY-MM-DD HH:MM:SS (UTC)

Example:

2024-03-29T21:26:55.016Z

modified

date-time

The date the Omnitoken was last modified, if applicable.

Format:

YYYY-MM-DD HH:MM:SS (UTC)

Example:

2024-03-29T21:26:55.016Z

creator

ID

The User (Login) ID for the user that created the Omnitoken.

This field is stored as a text string.

Example Format:

t1_log_123abc4d567890efg1h2i34

modifier

ID

The User (Login) ID for the user that last modified the Omnitoken.

This field is stored as a text string.

Example Format:

t1_log_123abc4d567890efg1h2i34

entity

ID

The ID of the Entity that this Omnitoken is associated with.

This field is stored as a text string.

Example Format:

t1_ent_123abc4d567890efg1h2i34

platform

string

The Platform to which an Omnitoken should be applied.

Valid Values

VANTIV - Vantiv VAP

VCORE- Vantiv CORE

WORLDPAY - Worldpay Express

org

ID

The ID of the Orgs (group) that Omnitoken is associated with.

This field is stored as a text string.

Example Format:

t1_org_123abc4d567890efg1h2i34

division

ID

The ID of the Division that Omnitoken is associated with.

This field is stored as a text string.

Example Format:

t1_div_123abc4d567890efg1h2i34

partition

ID

The ID of the Partition that Omnitoken is associated with.

This field is stored as a text string.

Example Format:

t1_ptn_123abc4d567890efg1h2i34

enablementDate

date-time

The date and time when an entity will be enabled for Omnitoken.

Format:

YYYY-MM-DD HH:MM:SS (UTC)

Example:

2024-03-29T21:26:55.016Z

inactive

Boolean

Whether this resource is marked as inactive.

Valid Values:

  • 0 - Active

  • 1 - Inactive

frozen

Boolean

Whether this resource is marked as frozen.

Valid Values:

  • 0 - Not Frozen

  • 1 - Frozen

 

By using one of the methods above, your Merchant(s) will now automatically mint new Omnitokens when processing card payment terminal transactions, securely and seamlessly tokenizing customer payment methods, making them available for reuse in the future.

Omnitoken Fees

Using the robust Payrix fee engine, Omnitoken-based actions can generate fees for Merchants to their Referrers and Facilitators, below is a list of use cases where the actions qualify for fees:

Qualified for Omnitoken Fee Charges

  • Minting a new Omnitoken through Terminal Sale, $0 Authorization, or Refund from new card info.

  • Minting a new Omnitoken through Card Not-Present Sale, $0 Authorization or Refund from new card info

  • Minting a new Omnitoken using a pre-existing Payrix Token.

  • Lookup of an existing Omnitoken using the original Payment Account Number (PAN) used to first mint the Omnitoken.

Not Qualified for Omnitoken Fee Charges

  • Reusing a Terminal-minted Omnitoken for a Sale, $0 Authorization, or Refund Card Not-Present transaction


Minting Omnitokens

In the Omnitoken Use Cases section, we take a closer look at real-life applications of Omnitoken technology to simplify future transactions, step up security measures, and set the stage for future tokenization capabilities for Merchants and Referrers. Dive into how Omnitokens are minted, verified and reused to guarantee streamlined and secure payment options.

Mint a new Omnitoken (Card Present)

When a Merchant is enabled for Omnitoken, their triPOS Express-compatible payment terminal hardware is automatically generates new Omnitokens for customer payment methods through a secure minting process enabled by the relevant Key Injection Facility (KIF).

Mint a new Omnitoken (Card Not Present)

Omnitoken-enabled Merchants can also process payments and generate new Omnitokens from customer payment information by using the Payrix payment acceptance options available through the /txns endpoint, such as Sale or $0 Authorization types.

Convert a Payrix Token to Minted Omnitoken

Merchants with pre-existing customer records likely have Payrix platform-hosted tokenized payment methods that they would like to migrate to Omnitoken for flexibility between Card Not-Present and Card-Present payment acceptance scenarios. Following the process below, Merchants can easily mint a new Omnitoken from a Payrix Token by making small adjustments to their Card Not-Present transaction request.


Retrieve an Omnitoken from a Transaction

After minting a new Omnitoken, you may want to retrieve its record to ensure minting was successful or to locate the information for further reuse via API.

There are several ways to locate an Omnitoken value after it has been minted:

Using the Portal

Using the API


Re-use an Omnitoken for a New Transaction

After minting a new Omnitoken, you will eventually re-use the tokenized payment method for a future transaction. Below are the methods available for re-use from a triPOS terminal (Card Present) and directly from Payrix online payment acceptance options (Card Not-Present):

Card-Present

Card Not-Present


More on Omnitokens

Below is additional information regarding Chains, Vaults, Minting, and other Omnitoken-specific technology and terminology to enhance your comprehension of the workflow.

Chains

Chains represent a hierarchical structure designed to facilitate the sharing of tokens across different levels of the Merchant hierarchy. These Chains play a crucial role in organizing and linking various business accounts within the Omnitoken ecosystem, allowing for the seamless utilization of tokens across multiple Merchant IDs (MIDs). By establishing this hierarchical framework, Chains enable efficient token management and distribution, enhancing coordination and operational effectiveness within the Worldpay payment processing system.

The SuperChain is an advanced, top-level Chain for all other Chains. It allows for the sharing of tokens across the Merchant hierarchy at both the Chain and SuperChain levels. By using rollup IDs to link different business accounts, the SuperChain system ensures seamless token sharing and management within the Worldpay ecosystem. This centralized approach to managing business accounts under a unified Omnitoken hierarchy enhances efficiency and coordination across multiple Merchant IDs (MIDs).

Chain Requirements

Upon boarding the platform, your portfolio will be enabled for Omnitoken with a Chain ID assigned automatically, allowing your Merchants to plug and play with the new terminal to mint new Omnitokens to their Chains upon successful boarding.

Vaults

A Vault serves as a secure digital repository within a Merchant's chain where Omnitokens are stored. These Omnitokens are unique digital tokens generated from transactions to replace sensitive payment information, ensuring secure and seamless payment processing. The Vault enhances security measures by safeguarding these tokens and provides traceability for transactions. By utilizing the Omnitoken Vault, s can securely manage and utilize Omnitokens for various payment transactions, aligning with industry standards and supporting advanced payment technologies.

Minting

Minting is the process of generating new Omnitokens on a Merchant’s Chain from a transaction to be used in future transactions, specifically for Card Present (CP) and Card Not Present (CNP) transactions. Here's how minting works within the Omnitoken chain structure. Minting Omnitokens provides enhanced security, improved traceability, on-demand scalability, and future-proofing with compatibility with future payment technologies and industry standards to ensure seamless integration into the new cutting-edge functions and features.

Minting Requirements

  • A triPOS-compatible payment terminal enabled by the KIF.

  • A valid credit card with associated cardholder information.