> ## Documentation Index
> Fetch the complete documentation index at: https://developers.pcibooking.net/llms.txt
> Use this file to discover all available pages before exploring further.

# Network Tokenization

> Replace stored card numbers with network-issued tokens from Visa, Mastercard, and Amex for higher approval rates and automatic card updates.

## What Is Network Tokenization?

Network tokenization replaces a card's primary account number (PAN) with a token issued by the card network (Visa, Mastercard, or Amex). Unlike PCI Booking's vault tokens, which are internal references, network tokens are recognized by issuers and can improve authorization rates.

A network token is:

* **Bound to your merchant.** It cannot be used by anyone else.
* **Automatically updated.** When the issuer replaces, renews, or re-issues the card, the network updates the token. No action needed on your side.
* **Tied to a cryptogram.** Each transaction generates a unique cryptogram, reducing fraud risk.

## Why Use It?

| Benefit                     | How                                                         |
| --------------------------- | ----------------------------------------------------------- |
| Higher approval rates       | Issuers recognize network tokens as lower risk              |
| Fewer expired card declines | Network auto-updates token when card is renewed or replaced |
| Reduced fraud               | Per-transaction cryptograms prevent token reuse             |
| Card-on-file compliance     | Meets Visa and Mastercard card-on-file mandates             |

Network tokenization is most valuable for **recurring payments** and **card-on-file** scenarios where you store a card long-term and charge it repeatedly.

## How It Works with PCI Booking

PCI Booking acts as the Token Requestor with the card networks. You don't need a direct relationship with Visa, Mastercard, or Amex token services.

### From raw card data

1. You submit card details and cardholder info to PCI Booking's [Network Tokenize a Card](/api-reference/additional/network-tokenize-card) endpoint.
2. PCI Booking submits the request to the card network.
3. The network issues a network token.
4. PCI Booking stores the network token and returns a PCI Booking token URI.

### From an existing PCI Booking token

If you already have a card stored as a PCI Booking token:

1. Call [Network Tokenize from Token](/api-reference/additional/network-tokenize-from-token) with the existing token URI.
2. PCI Booking retrieves the card data internally, submits to the network, and stores the resulting network token as a new PCI Booking token.
3. Optionally delete the original token by setting `deleteExisting=true`.

In both cases, the resulting PCI Booking token works exactly like any other token for charges, relay, and display.

## Supported Networks

| Network    | Supported |
| ---------- | --------- |
| Visa       | Yes       |
| Mastercard | Yes       |
| Amex       | Yes       |

Not all cards can be network-tokenized. The issuing bank must support it for the specific card. If a card cannot be tokenized, the API returns error code `-150`.

## Cardholder Information

The card networks use cardholder information for risk scoring when deciding whether to approve the tokenization request. Providing more data increases the chance of approval:

* **Required:** First name, last name, IP address, country code
* **Recommended:** Email, phone, billing address, postal code
* **Optional:** Device location (latitude/longitude), device and account trust scores

## Lifecycle Management

Network tokens are managed through PCI Booking:

* **Automatic updates.** When the underlying card is renewed or replaced, the network notifies PCI Booking and the token is updated automatically. This is the primary benefit for card-on-file use cases.
* **Deletion.** Use [Delete Network Token](/api-reference/additional/delete-network-token) to remove a network token from both the card network and PCI Booking. Always delete network tokens you no longer need.
* **Metadata.** Use [Retrieve Token Metadata](/api-reference/manage-tokens/retrieve-token-metadata) to check if a token is network-tokenized. The `NetworkTokenInfo` field is present for network tokens.

## When to Use Network Tokenization

**Good fit:**

* Subscriptions and recurring billing
* Card-on-file for returning customers
* Travel bookings with future charge dates
* Any scenario where you store a card and charge it later

**Not needed:**

* One-time payments where the card is used immediately and not stored
* Token replacement (relay) workflows where you only pass card data to a third party

## Related

* [Network Tokenize a Card](/api-reference/additional/network-tokenize-card) - API reference
* [Network Tokenize from Token](/api-reference/additional/network-tokenize-from-token) - API reference
* [Delete Network Token](/api-reference/additional/delete-network-token) - API reference
* [Update an Expired Card](/use-cases/update-expired-card) - Manual expiry updates (network tokenization handles this automatically)
