# Tokenization

*Brief explanation: Tokenization replaces sensitive card data with secure tokens, enabling recurring payments and one-time use without storing actual card numbers.*

## What is Tokenization?

Tokenization replaces sensitive payment card data (the primary account number, or PAN) with a unique token. The original card data is stored securely in Plexo's PCI-compliant vault, while the merchant can safely store the token.

**Example:**

```
Original Card: 4444 3333 2222 1111
Token:         a1b2c3d4e5f6a7b8c9d0e1f2a3b4c5d6
```

Tokens are non-reversible and meaningless if intercepted.

## Why Use Tokenization?

**Security & Compliance:**

* Reduces PCI DSS compliance scope
* Eliminates merchant storage of sensitive card data
* Protects against data breaches

**Business Benefits:**

* **Recurring Payments**: Subscriptions and scheduled charges without re-entering cards
* **One-Click Checkout**: Faster repeat purchases for returning customers
* **Temporal Tokens**: Secure one-time future payments (24-hour validity)

## How Tokenization Works

**Common Flow:**

1. Merchant creates session via API (checkout or tokenization)
2. Customer redirected to Plexo-hosted page (iframe or redirect)
3. Customer enters card details on Plexo's secure form
4. Plexo validates, tokenizes, and stores card data
5. Token returned to merchant via callback or API response
6. Merchant stores token for future use

Card data never touches merchant servers, reducing PCI compliance scope.

## Token Types

### Temporal Tokens

* **Lifespan**: 24 hours
* **Use**: One-time future payment
* **Example**: Complete purchase later, delayed capture

### Store Tokens

* **Lifespan**: Until card expiration or manual deletion
* **Use**: Recurring payments, subscriptions
* **Linked**: Associated with customer account

### CVV Requirements

* **First payment**: CVV required (captured during tokenization)
* **Recurring payments**: CVV not required
* **Subscriptions**: CVV not required after initial setup
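
The sketch below is an added example, not Plexo code. It shows one way a merchant could enforce step 6 of the flow and the token lifetimes above on its own side: it refuses to persist anything that looks like a card number, and it applies the 24-hour, one-time rule for temporal tokens and the expiry or deletion rule for store tokens. The names `MerchantTokenStore`, `TokenRecord`, `looks_like_pan` and the record fields are hypothetical, and the merchant is assumed to know the token type and card expiry from its own records.

```python
import re
from dataclasses import dataclass
from datetime import datetime, timedelta
from typing import Optional

TEMPORAL_TTL = timedelta(hours=24)  # temporal token lifespan from this page
def looks_like_pan(value: str) -> bool:
    """True for 13-19 digits (spaces/dashes ignored) that pass the Luhn check."""
    digits = re.sub(r"[ -]", "", value)
    if not re.fullmatch(r"\d{13,19}", digits):
        return False
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:                      # double every second digit from the right
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0

@dataclass
class TokenRecord:                          # hypothetical record layout
    kind: str                               # "temporal" or "store"
    issued_at: datetime
    card_expiry: Optional[datetime] = None  # store tokens only
    used: bool = False

class MerchantTokenStore:                   # hypothetical merchant-side store
    def __init__(self) -> None:
        self._records = {}

    def save(self, token, kind, issued_at, card_expiry=None):
        if looks_like_pan(token):           # keep card numbers out of merchant storage
            raise ValueError("value looks like a card number; not stored")
        if kind not in ("temporal", "store"):
            raise ValueError("unknown token kind")
        self._records[token] = TokenRecord(kind, issued_at, card_expiry)

    def charge_allowed(self, token, now) -> bool:
        rec = self._records.get(token)
        if rec is None:                     # unknown or manually deleted
            return False
        if rec.kind == "temporal":          # one-time use within 24 hours
            return not rec.used and now - rec.issued_at < TEMPORAL_TTL
        return rec.card_expiry is None or now <= rec.card_expiry

    def mark_used(self, token) -> None:
        self._records[token].used = True
    def delete(self, token) -> None:        # manual deletion of a store token
        self._records.pop(token, None)
```

The record has no field for the card number or CVV, so the only card-related value the merchant persists is the token itself.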

## Related Resources

* [API Endpoints](/rest-api/api-reference/api-reference.md)
* [Security & PCI Compliance](/rest-api/core-concepts/security.md)
* [Customers](/rest-api/core-concepts/customers.md)

