Payee Token+

Reduce data risk on your application by tokenizing, validating and storing your payee's account details, card numbers and other sensitive information in a highly secure enclave.

Overview

The Payee Token+ API enables your application to tokenize and validate sensitive payee data (PII and PCI data) for various payment rails like Zelle^®, ACH, RTP^®, wires, checks and card information. With your application providing the payee details to Payee Token+, the payee data is tokenized and stored, and your application receives a payee token in return. If opting for the account validation service, the account details such as the account number and routing number are validated for authenticity prior to returning a payee token. This helps reduce the storage risk of fraudulent or erroneous payee details.

Features

Create a payee token.

Create a payee token for the given sensitive account information of the payee.
Supports account information for the following payment rails:
- Zelle – includes email address and phone number
- ACH and RTP – includes account number and routing number
- Check details – includes payee name and address
- Domestic wires – includes account number, routing number and corresponding bank details
- International wires – includes IBAN, BIC / SWIFT code and intermediary bank details
- Card information – includes 16-digit PAN number and expiry date
Optional value-added account validation service: Opt in to validate the authenticity of the account information such as account number and routing number of the payee before creating the respective payee token.

Retrieve payee details.

Retrieve details of the payee token by passing in the associated token.
Mitigate data risks and reduce costs associated with storing sensitive payee information.

Delete a payee token.

Delete a payee token by passing in associated payee token.

Workflow

Payee Token+ - workflow

Example use cases

Process claim payments.

Anna is a claims manager at a nationally-known insurance firm and issues many claim payments via ACH every year. The company’s enterprise resource planning (ERP) system needs to follow the new NACHA rule, stating large non-FI ACH Originators, Third-Party Service Providers (TPSPs) and Third-Party Senders (TPSs) need to protect deposit account information by rendering it unreadable when stored electronically. The Payee Token+ API enables their ERP system to tokenize their claimants’ (payees’) deposit account information to follow the new NACHA rule. Anna can now originate the claim payments via ACH simply by rendering the claimant’s tokens to U.S. Bank to process the claim payments.

Eliminate manual disbursements.

John is an administrator at the bursar's office of a university. He manages periodic scholarship disbursements to several qualified students each semester. The university's ERP system, which he uses to manage scholarship disbursements, requires him to enter the ACH account information of each student every semester. This is a manual process with repeated entry of sensitive payment information each semester. Payees are validated for authenticity by performing micro-deposits which increases the payee set-up time up to four business days. In using the Payee Token+ API, John does not have to repeat manual entries each semester because his ERP system can now tokenize and validate the authenticity of the sensitive ACH payment account information for all students. He can now easily make scholarship disbursements to several students by simply choosing their respective ACH tokens.

Mitigate data storage risk.

Suzanne manages the checkout platform for a large e-commerce company. The company is looking for a solution to better manage data risks associated with the large number of retail customers storing their credit card information with the company. With the Payee Token+ API, the e-commerce company can manage and reduce the data risks associated with storing their customer credit card information by tokenizing and securing data at the U.S. Bank PCI compliant enclave.

Restrictions

Account details validation is limited to validating account numbers and respective routing numbers.
Account details validation is an optional service. Opting in is required prior to receiving the service.
The scope of Payee Token+ is limited to manage tokens only. Your application maintains the entity name (payee name) and its respective token relationship.