Network Token (External)
Quick Reference
WhatDPAN + cryptogram on the charge API
WhyHigher approval rates and scheme-level trust vs raw PAN
DifficultyAdvanced
PrerequisitesHost-to-Host → Authentication
If your stack already performs network tokenization and 3DS outside A55, use the same POST charge endpoint with a tokenized PAN (DPAN) and a one-time cryptogram from your token service.
Why network tokens
| Benefit | Detail |
|---|---|
| Higher approval rates | Issuers favor network tokens over raw PAN |
| Card-on-file continuity | Tokens update when cards are replaced |
| Reduced fraud | One-time cryptogram per transaction |
| Scheme-level trust | Direct relationship with Visa/Mastercard vaults |
Token lifecycle
Payload shape
| Field | Description |
|---|---|
card_number | DPAN from your network token provider |
card_cryptogram | TAVV / CAVV one-time cryptogram |
card_expiry_month / card_expiry_year | Token expiry as provided by the scheme |
threeds_external object
| Field | Description |
|---|---|
eci | Electronic Commerce Indicator |
cavv | Cardholder Authentication Verification Value |
xid | Transaction ID (legacy contexts) |
version | 3DS protocol version |
Field alignment
Network token and external 3DS fields must match issuer and scheme expectations. Validate every combination in sandbox before production.
Example
- JSON
- Response
{
"wallet_uuid": "00000000-0000-4000-8000-000000000001",
"currency": "BRL",
"type_charge": "credit_card",
"card_number": "4500000000000000",
"card_cryptogram": "AAABBBCCCDDDEEFF==",
"card_expiry_month": 12,
"card_expiry_year": 2030,
"threeds_external": {
"eci": "05",
"cavv": "BwABBylVaQAAAAFwllVpAAAAAAA=",
"xid": "",
"version": "2.2.0"
}
}
{
"uuid": "charge-uuid",
"status": "confirmed",
"reference_external_id": "ord_001",
"eci": "05",
"authentication_type": "network_token",
"scheme_transaction_id": "123456789012345"
}
POST https://core-manager.a55.tech/api/v1/bank/wallet/charge/ with Authorization: Bearer $ACCESS_TOKEN.
Security
Network tokens replace raw PAN with scheme-level tokens, reducing exposure to sensitive card data. A55 handles all token lifecycle management and secure storage on your behalf.