Login >

Sage Pay Token system - Understanding the process

If you would like your customers to enjoy an easier checkout process the Sage Pay Token system is for you.

What is the token system?

The token system allows your customers to register their card on your website to use for future purchases.

This will allow your customer to simply log into your website, select the card they would like to use for the purchase and proceed to the checkout pages.

How does it work?

The token system works with both SERVER and DIRECT methods of integration with Sage Pay. Your shopper will be able to register their card on the Sage Pay system and then use this for future purchases.

There are 2 ways of using the Sage Pay token system, you can simply register a token or you can process a transaction and create a token on the back of a purchase.

Our system will capture all of the shoppers card details on our secure system and provide you with a “token” in place of the card details that you will store on your system.

Then, when processing future transactions you will send us the “token” instead of your customer needing to re-enter their card details for the payment.

The shopper will only need to enter their CV2 value for the card, as opposed to the full details when they want to make future purchases.

Registering a token – standalone – protocols 2.23 and 3.00

To register a token with Sage Pay your system will need to perform a registration post to our system, the shopper will then be transferred to our payment pages (SERVER integration ONLY) where the card details will be captured on our secure system and a token provided in place of the entered card details.

Server integration - token registration process map

If you are using Sage Pay DIRECT you will need to capture the card details of the shopper on your own pages and send all of the information through to us and we will send you the token in place of the details.

Direct integration - token registration process map

The token will then need to be stored on your system and be assigned to the customer to be used when they want to make a purchase through your site.

Registering a token – part of a transaction – protocol 3.00 ONLY

Along with registering a token on its own you can also create a token on the back of a transaction you are processing.

To do this your shopper will go through a transaction as normal and make a purchase.  When your system makes the transaction registration post to our system you will simply need to pass an additional field :-


This will use the card details that have used for the transaction and create a token for you.  The token will then be sent back through to you when the response to the transaction is sent.

The token will then need to be stored on your system to be used in the future.


Server integration - creating a token as part of a transaction

For SERVER transactions the card details will be captured on the Sage Pay payment pages, while DIRECT transactions will have the card data captured on your own website and then passed through to Sage Pay.


Direct integration - create a token as part of a transaction

Using a token

Once you have received the token from us you are ready to use it to make a purchase.

Using the token is simple.  Just like processing a normal transaction you will follow the same steps but will include an additional field in the transaction registration post to us :-


This field will include the token that was sent back to your system by Sage Pay when you registered the token on your account.

Our system will then locate the card details assigned to that token and use this information in place of having the shopper enter the card details manually on the payment pages.

When using the token for the first time your shopper will not need to enter ANY details as these will all be stored on our system.

If this is the 2nd of more use of the token the shopper will need to re-enter the CV2 value in order for the transaction to be processed.

This is because we are not able to store the CV2 value once the token has been used for the first time. If you do not want to capture the CV2 value for the transaction all you will need to do is disable your AVS/CV2 fraud screening tools and the CV2 value will become an optional field.

For SERVER users your shopper will be transferred through to our payment pages – or if you are using our InFrame solution presented with our payment page on your site for the details to be captured.

This is because you are using the Sage Pay hosted payment pages and we will capture the details for you.

For DIRECT users you will need to send this through to us with the transaction registration as we do not capture the details and all information is gathered on your own site.

The transaction will then be processed as normal.

The token ONLY replaces the card details that are normally captured for a transaction.  All of the other information that is passed with the transaction will remain the same.

How do you know which token to use?

When registering a token with us we will NOT store any other information apart from the card details.  When we send the token back to you it will need to be stored against the correct customer for future use.

It is best when using the token system to have a “log in” step for your shoppers so they can have their own account on your system, and you can correctly store the token.

If the wrong token is sent for the wrong customer we will still process the transaction as we have no way to associate the token with the shopper.

How do I store tokens on my account?

Every time a token is used for a transaction you include the field – StoreToken=1. The value 1 states that you would Sage Pay to continue to store the token on our system.

If this field is passed through to our system as StoreToken=0 we will delete the token remove it from our system.

Once removed, a token cannot be restored and you would then need to re-capture the details from the shopper.

What are the benefits?

The token system gives you a number of benefits.

Increased customer retention – if customers take the time to register their card details on your website they will be more inclined to return for future purchases.

Single click checkout - by having the card details stored your customers will not need to constantly enter their information into your site providing a smoother and more enjoyable checkout experience.

No loss of security – because we store the card details on our secure system your customers information is completely secure.

All of these benefits allow you to offer your customers an improved checkout process.

How do I get token on my account?

If you would like to get the Sage Pay token system activated on your account please give our team a call on 0845 111 4466 and they will be happy to help you get started.