Token migration is the process of transferring card numbers from an existing provider to Yuno's secure vault. During this process, a new token is generated for each card, ensuring seamless continuity and security for payment processing. The token migration process consists of three main steps:
The merchant requests the token migration process to its current payment processor.
Yuno and the payment provider collaborate to securely import all card data into the Yuno Token Vault.
The merchant uses Yuno's Token Migration API to map the tokens from the payment provider to the vaulted_tokens of Yuno.
First step
To initiate the token migration process, contact your business advisor at Yuno to assess the viability and schedule of the procedure.
Importing cards from a gateway account (steps 1 and 2)
Since token migration involves sensitive information, strict security protocols must be followed. To import card data into Yuno from an existing gateway, complete the following steps:
Coordinate with the Current Gateway: Contact your current third-party vault or gateway and request an export of the payment method data. Ensure you follow their specified protocols.
Complete the Formal Request: Submit a formal request to Yuno, ensuring all required details and processes are documented. The gateway's response time and procedures will determine the data transfer process.
Your responsibilities when migrating tokens
You are responsible for managing communication with your gateway provider throughout the migration process. The Yuno team will support and collaborate directly with the third-party vault/gateway to facilitate the importing process.
In addition, the customer subscription information, including amounts, dates, etc., must be obtained directly from the exporting entity, as Yuno will not extract this data from encrypted files.
Data transfer security
All data throughout the migration process is encripted using PGP keys and transferred using SFTP (Secure File Transfer Protocol).
Client Side Requirements (step 3)
At this point, you will provide the user's data (the buyers) and their existing payment methods.
Currently, you can execute the token migration process using the Yuno API, which is specifically designed for merchant use. As a merchant, you will use this API to:
Add customers: Create customers into the Yuno system.
Enroll payment methods: Enroll payment methods acquired from payment processors for each customer on the Yuno system.
The API migration option is available for merchants to use to manage their customers and their respective payment data.
Access the step-by-step guide on how to perform the token migration using the API using the button below:
Yuno defines the required parameters for each customer and credit card to proceed with the migration process. The list of the required parameters is present below:
Account ID
Merchant customer ID
First name
Last name
Email
Country
Document number
Document type
Payment method type
Payment method ID
Payment method token
You can use the Customer Object and Payment Method Object to find all the possible parameters that can be used when importing/creating customers or enrolling payment objects.
Different technical limitations associated with alternative payment methods may render them ineligible for migration between service providers. Contact the Yuno support team if you're contemplating the migration of alternative payment method tokens, such as Mercado Pago Wallet Connect, Bancolombia Tokenbox, etc., to the Yuno vault.
Data validation
To ensure efficient processing and prevent delays, please include the following information when communicating with Support:
The external identifier name to be used for the import.
An approximate count of the expected number of payment methods to be included (a rough estimate is acceptable).
Any known data gaps, such as missing names or expiration dates.
Yuno does not validate expiration dates during credit card import.
Data protection
When making payments through Yuno, the platform connects to payment processors. Yuno tokenizes and encrypts the data to ensure data security, simplifying the PCI compliance process. However, you remain responsible for managing and protecting your customer's (the buyer's) data. In addition, you are responsible for communicating any additional fees or other issues to your customer.
Gateway / Payment Provider Requirements
To move forward with the process, you'll be requested to provide the following:
A public SSH key (you can provide one for production and another for testing). For this, you can use the following command: ssh-keygen -t rsa -b 4096 -C [email protected]
The outbound IPs that will be used during the migration.
A template file of the data to be migrated to understand its structure. It must include the following mandatory data:
Cardholder Name: The full name of the cardholder as stored by the current provider.
Expiration Date: The expiry date of the card.
Card Number: The complete card number (PAN) that will be tokenized by Yuno.
Card ID: A unique identifier assigned to each card by the current provider, used by the client for referencing that card during transactions.
PGP Public Key
Use our public key to encrypt the PCI-sensitive files you send to Yuno.
