YoPay.mobi plays an integral part in m-payment processing through the Provision of Tokenization Management
YoPay.mobi token management protects sensitive data that enters
organisations and facilitates compliance with regulations (such as PCI DSS and HIPAA) by reducing the regulatory scope and costs.
As technology evolves, consumers are increasingly making their purchases online or through mobile devices and "digital wallet" applications — and their payment card information may be saved online for more efficiency in future check-out experiences.
In response, the industry has moved to support payment form factors that provide increased protection against counterfeiting, account misuse and other forms of fraud.
With criminals inventing new ways to steal customer information, it is more important than ever for financial institutions, merchants and payment brands to ensure consumer security.
While chip cards provide substantial protection for card-present transactions, a similar need exists to minimize unauthorised use of cardholder account data and to reduce fraud for card-not-present transactions, as well as in emerging transaction environments that combine elements of card present and card-not-present transactions.
One such way is through the use of payment token numbers
How Tokenization Works
Tokenization is the process of replacing sensitive data (primary account numbers, social security numbers etc.) with a surrogate value, a token.
The tokenization process significantly reduces the risks of data exposure and data-blooming, as the sensitive data is stored in a central token vault in an encrypted format.
Every token that is issued, represents a single unique string of sensitive data. Assigning a token to a single original Primary Account Number (PAN) enables merchants to use the same token multiple times, whenever the specific PAN is used in a transaction.
YoPay.mobi token managment complies with PCI Tokenization Guidelines(Published August 2011) and VISA Tokenization Best Practices.
Tokenization eliminates the need for merchants, e-commerce sites and operators of mobile wallets to store sensitive payment card data on their networks.
Payment tokenization allows a consumer to register a payment card with a mobile wallet or online store and replace the actual card number with a payment token number used for that merchant or wallet vendor.
How does tokenization benefit both the Merchant and the Consumer?
A token is stored in the merchant environment in place of the primary account number, making it possible for a merchant to process follow-up transactions, without having to store customers' account data in the clear:
• Tokens remove the need for merchants to retain PANs in card data environment.
• Tokens cannot be used by an unauthorised party to conduct fraudulent transactions.
• Tokens match the format of the initiating PAN.
• Tokens do not overlap major brands. Visa®, MasterCard® and American Express® are using different BIN ranges for tokenization that look exactly like their PANs today. Visa and MasterCard will be using BINs within their existing range today.
• Tokens are card-based, meaning a merchant will always get the same token back for a specific PAN.
• Tokens share the last 4 digits with the corresponding PAN.
• A payment token can be used freely by systems and applications within a merchant environment. Where payment tokenization is properly implemented, merchants can limit the storage of cardholder data to within the tokenization system, and can simplify an entity's assessment against PCI DSS standards.
• Acquirers and merchants may experience a reduced threat of online attacks and data breaches, as payment token databases are less appealing targets given their limitation to a specific domain (i.e., online, NFC, QR Code). Acquirers and merchants may also benefit from the higher assurance levels that payment tokens offer.
• Merchants can use tokenization to facilitate on-demand, subscription or recurring transactions.
• How does payment tokenization affect the consumer experience? The consumer has greater peace of mind with enhanced security measures, and he or she also benefits from a more efficient shopping experience.
• The card number and other details a consumer uses during enrolment can be taken by a wallet provider and passed securely to the payment brand.
• The Token Service Provider then switches the physical card number for a completely different payment token number with a new expiration date.
• The payment token — not the consumer's card number — is stored securely in the phone's wallet.
• The payment token can only be used with the associated device.
• If a criminal steals the registered device and tries to use it online or on a physical card, it won't work. The consumer's physical card can be used as normal, and does not need to be replaced. Similarly, whenever a consumer uses NFC at a merchant, the payment token is used in the transaction. If a criminal compromises the merchant, the data is completely unusable. The consumer can also use payment tokenization in e-commerce or m-commerce scenarios.
When the consumer associates their payment card with an e-commerce merchant using payment tokenization, they receive a new payment token number to be used solely with that particular e-commerce merchant.
When the consumer shops online with that merchant, the payment token is the only data being passed to the merchant's site.
Just as in the in-store example above, if a criminal hacked the e-commerce site and accessed the consumer's information, the hacker would find the information completely useless.
Why is tokenization needed today?
Over the past few years, broad proliferation of "card-o- -file" models, both "Remote" and "Proximity," has created an industry need to produce and use tokens
At YoPay.Mobi, we are committed to honouring the privacy of our online and mobile customers.
We recognise the importance to you of maintaining an appropriate level of privacy and security for the personal information we collect from you over the Internet and through the Mobile Applications that we support.
The following discloses our Web site information gathering and use practices and is limited to the protection and use of personal information collected by us in the online environment.
Please note that this privacy statement applies only to this site and mobile applications that utilise the Yoyummy system and not to the web sites of other companies or organisations to which we might link to.
All references to “YoPay.Mobi” throughout this policy statement include, unless otherwise stated, all YoPay.Mobiaffiliate companies, successors and assigns.
Collection and Use of Personally Identifiable Information
YoPay.Mobiis committed to respecting your privacy. Once you choose to provide personally identifiable information (described below), it will only be used in the context of your customer relationship with the Mobile Application Merchants to whom we provide a Tokenization service for their and your enhanced security against fraud.
On various Mobile Applications supported by us, the types of personal information collected are name, username, contact and billing information, transaction, and credit card information. In addition where we deem necessary we ask you to input a security code that might be used to confirm transactions. Not all circumstances will require you to input this code but we would indicate that you must keep this code secret.
YoPay.Mobiwill not sell, rent, or lease your personally identifiable information to others. For example your purchasing habits in respect of food and other items purchased through mobile applications we support.
Unless required by law, we will not share personal information with anyone.
Your information is used solely to help complete a transactions, to communicate back to you, to update you on service and benefits of the Mobile Application Merchants who provide you this service.
YoPay.Mobistrives to keep your personally identifiable information accurate. Every effort is made to provide you with online access to your registration data so that you may update or correct your information at any time.YoPay.Mobiis committed to ensuring the security of your information. To prevent unauthorised access, maintain data accuracy, and ensure the appropriate use of information, appropriate procedures are in place to safeguard and secure the information collected online. YoPay.Mobiuses encryption when collecting or transferring sensitive data such as credit card information.
Who Has Access to This Information?
The Merchant with whom you have transacted has no access to personal information such as credit cards or Tokens. In addition Merchants have no functionality to download the database of their customers as it is our policy is to prohibit these companies from otherwise selling or disclosing the personal information we are entrusted with. Naturally Merchants will have their own policies and you should view their Privacy Policies accordingly.
Voluntary Customer Surveys.
We may periodically conduct both business and individual customer surveys. We encourage our customers to participate in these surveys because they provide us with important information that helps us to improve the types of services we offer and how we provide them to you. Your personal information and responses will remain strictly confidential. Participation in our customer surveys is voluntary.
We may use your e-mail address to convey marketing-related communications like newsletters and updates regarding new participating Mobile Application Merchants, such as specials or features on the on their mobile phone apps supplied by the YoYummy system.
We may also use this information to contact you for administrative or customer service.
The Merchant also may use your email address and mobile telephone number to convey marketing-related communications, including through vendors that perform marketing services on its behalf.
If you do not wish to receive marketing-related emails or Sms messages from us or the Merchant, you may unsubscribe from receiving them by clicking on the “unsubscribe” link at the bottom of any such email or at the bottom of any purchase page on any supported website or mobile application each time you make a transaction.
We recognise the importance of children’s safety and privacy on the Internet. For this reason and to comply with certain laws, we do not intentionally collect personal, individually identifiable information from children under the age of 13, nor do we offer content targeted to children under 13. We recommend that children always ask their parents or guardians for permission before disclosing any information online. Several software companies can provide children’s safety software.
There exist procedural safeguards designed to protect the confidentiality of personal information provided by you at our Web site. For example, unique passcodes or passwords are required to access a number of our services.
In addition to requiring the use of a unique passcode or password, all payments processed through our Web site or Mobile App servers require personal transactional information provided by you to be sent in a “Secure Session” using Secure Socket Layer encryption technology.
This technology encrypts – or scrambles – your financial or credit card account information to help prevent unauthorised parties from reading it.
We regularly test and update our technology to help protect your personal information. However, such precautions do not guarantee that our Web site is invulnerable to all security breaches.
YoPay.Mobimakes no warranty, guarantee, or representation that use of our Web site is protected from all viruses, security threats or other vulnerabilities and that your information will always be secure.
Links to Other Sites
For the convenience of our visitors and customers, this Web site may contain links to other sites. While we generally try to link only to sites that share similar high standards and respect for privacy, we are not responsible for the content, products or services offered or the privacy and security practices employed by these other sites.
Because of the evolving nature of the technologies that we use and the way that we conduct business, we reserve the right to revise, amend or modify this policy, and our other policies and agreements, at any time and in any manner. We will post any revisions, modification or amendments on this site.
Enforcement of this Statement of Privacy
If you have any questions regarding this statement, you should first contactYoPay.Mobi via email at privacy@YoPay.mobi
1. YoPay.mobi is a Trading Name of Mr Richard H Kendal, c/o Alexanders and Co. St Annes Square Manchester M2 7PW, United Kingdom
2. In return for Us providing You with the Services, You shall pay to Us the Fees and all other sums payable by You to Us in accordance with the provisions of the Contract.
3. Unless stated otherwise, all Fees, charges and other payments to be made by You under the Contract are exclusive of VAT and any other relevant taxes and in addition to paying such Fees, charges or other payments You shall also pay any such taxes.
4. We (including our Partners with whom you have entered into agreement for such services) may from time to time vary the Fees and/or introduce new charges in addition to the Fees by giving You not less than 30 days' notice.
5. Transaction Charge Fees are calculated per transaction that are processed through our Merchant Service Partners utilising our tokenization management system that enables repeat billing facilitating Mobile Payment functionality for mobile and web based applications.
6. Our charges are published within your system provided in partnership with your mobile application provider.
ACCEPTABLE USE POLICY
By accessing or using the payment processing services (the "Payment Services") provided by YoPay.mobi ("YoPay.mobi," "us," "we"), you agree to comply with the terms and conditions of this Acceptable Use Policy.
1. Restricted Activities
You may not use the Payment Services in connection with any product, service, transaction or activity that involves:
● a. Violates any law or government regulation, or promotes or facilitates such by third parties;
● b. Violates any rule or regulation of Visa, MasterCard, American Express, Discover or any other electronic funds transfer network (each, a "Card Network");
● c. Is fraudulent, deceptive, unfair or predatory;
● d. Causes or threatens reputational damage to us or any Card Network;
● e. Involves any of the business categories listed in Section 2; or
● f. Results in or creates a significant risk of chargebacks, penalties, damages or other harm or liability.
2. Certain Business Categories
You may not use the Payment Services in connection with any product, service, transaction or activity that:
● 1. age restricted products or services
● 2. aggregation or factoring, whether licensed or unlicensed
● 3. airlines (exceptions apply if you get our prior written approval)
● 4. bail bonds
● 5. bankruptcy lawyers
● 6. bidding fee auctions
● 7. business or investment opportunity sales
● 8. chain letters
● 9. check cashing, wire transfers or money orders
● 10. collection agencies
● 11. counterfeit goods or any product or service that infringes upon the copyright, trademark or trade secrets of any third party
● 12. credit card and identity theft protection
● 13. credit counseling, repair or protection services, or mortgage consulting or reduction services
● 14. cruise lines
● 15. currency exchanges or dealers
● 16. decryption and descrambler products designed to circumvent intellectual property rights or protections, including mod chips
● 17. door-to-door sales
● 18. drug paraphernalia
● 19. embassies, foreign consulates or other foreign governments
● 20. essay mills
● 21. evading card association chargeback monitoring programs
● 22. extended warranties ● 23. real estate purchases with no money down
● 24. flea markets
● 25. fortune tellers
● 26. gambling (including but not limited to lotteries, Internet gaming, contests, sweepstakes, or offering of prizes as an inducement to purchase goods or services) (exceptions apply in some countries and if you get our prior written approval)
● 27. "get rich quick" schemes
● 28. human hair, fake hair or hair-extensions
● 29. loan modifiers
● 30. mail-order brides
● 31 .marijuana dispensaries and related businesses
● 32. membership subscriptions > 1 year (exceptions apply if you get our prior written approval)
● 33. money transmitters or money service businesses
● 34. multi-level marketing or pyramid schemes
● 35. negative response marketing
● 36. offering substantial rebates or special incentives to the cardholder subsequent to the original purchase
● 37. online or other non-face-to-face pharmacies or pharmacy referral services
● 38. online or other non-face-to-face tobacco or e-cigarette sales
● 39. personal computer technical support (exceptions apply if you get our prior written approval )
● 40. prepaid phone cards, phone services or cell phones
● 41. pseudo pharmaceuticals
● 42. products/services that promote hate, violence, harassment or abuse, if illegal
● 43. quasi-cash or stored value
● 44. securities brokers
● 45. sexually-oriented or pornographic products or services
● 46. sharing cardholder's data with another merchant for payment of up-sell or cross-sell products or services
● 47. shipping or forwarding brokers
● 48. social media activity sales (such as sales of Twitter followers, Facebook likes or Youtube views)
● 49. sports forecasting or odds making
● 50. substances designed to mimic illegal drugs
● 51. telecommunications equipment and telephone sales
● 52. telemarketing
● 53. timeshares
● 54. tour operators (exceptions apply if you get our prior written approval)
● 55. travel agencies or travel clubs (exceptions apply if you get our prior written approval)
● 56. virtual currency or credits that can be monetized, re-sold or converted to physical or digital goods or services or otherwise exit the virtual world
● 57. weapons and munitions
3. Actions by YoPay.mobi
If, in our sole discretion, we believe that you may have engaged in any violation of this Acceptable Use Policy, we may (with or without notice to you) take such actions as we deem appropriate to mitigate risk to Yopay.mobi and any impacted third parties and to ensure compliance with this Acceptable Use Policy. Such actions may include, without limitation:
● a. Blocking the settlement or completion of one or more payments;
● b. Suspending, restricting or terminating your access to and use of the Payment Services;
●c. Terminating our business relationship with you, including termination without liability to Yopay.mobi of any payment service agreement between you and Yopay.mobi;
● d. Taking legal action against you;
●e. Contacting and disclosing information related to such violations to (i) persons who have purchased goods or services from you, (ii) any banks or Card Networks involved with your business or transactions, (iii) law enforcement or regulatory agencies, and (iv) other third parties that may have been impacted by such violations; or
● f. Assessing against you any fees, penalties, assessments or expenses (including reasonable attorneys' fees) that we may incur as a result of such violations, which you agree to pay promptly upon notice.
4. Amendments This Acceptable Use Policy may be amended by Yopay.mobi at any time by posting a new version of it to our website. By accessing or using the Payment Services after a new version is posted, you agree to all amendments reflected therein
To discover the benefits of providing YoPay.mobi to your existing client base using our simple api methods register to become a partner.