The future of payment credential vaulting – exclusive interview with Spreedly

Wednesday 14 June 2023 15:54 CET | Editor: Raluca Constantinescu | Interview

Joe Meuse, VP of Product Management at Spreedly, shares valuable insights into the future of payment credential vaulting.


The term ‘card life cycle’ has been used by the industry a lot lately. What is the definition, and how has this evolved over the last few years? 

The traditional definition of life cycle management, the historical definition, refers to the systematic updating of card details, primarily PAN and expiration date. Life cycle management is useful for all retained cards that are kept on file, and it becomes essential when you start talking about the retained payment methods that are being used for recurring payment streams such as subscription services – or when companies bill their payers on a recurring basis. 

Over time, that definition has evolved, as the technologies that are used for life cycle management continue to advance and the various ways that you can choose to use them to optimise your vault continue to grow more complex. Therefore, it is an evolving concept of managing your vault, but also using it to optimise efficiency and business outcomes. 

What tools and technologies exist or are up and coming that impact (or will impact) how organisations secure and use payment credentials? 

There are a couple of aspects that need to be unpacked here. The first thing you mentioned is how tools and technologies secure credentials. Of course, card vault security is an evolving process, requiring the utmost effort to protect data. In this regard, firstly, I would call out the obvious, the PCI Data Security Standard, a standard that evolves with great frequency – the PCI DSS v4.0, for instance, is expected to take hold in early 2024. 

There are also a few different business techniques that are evolving and that impact security. The first I can think of is security as well as efficient usage – and that would be reflected in network tokenization. Network tokenization is another way to abstract card data to be used for payments. This is beneficial because the actual PAN data can be stored in progressively fewer places. Additionally, tokenization involves some security mechanisms like cryptograms and issuer participation that help to tighten up that flow. This reflects a dual-factor evolution that streamlines both security and usage. 

What is more, we start to see the emergence of digital wallets like Click to Pay, PayPal, or Paze. This has a dual influence as well because, once again, the fewer places that card numbers are floating around, the more secure the data becomes. When you store your card in a single digital wallet, while it is certainly easier to use, from a lifecycle management perspective, that impacts security as well. 

However, whether you're a digital wallet or a general vault provider, what we’re starting to see are new ways to optimise and manage how those cards are being stored. This is of interest to both types of partners in this ecosystem as efforts are directed towards making sure that you're removing redundancy and that you're keeping cards up to date. Both digital wallets and vaults can help with that. 

What limitations exist with traditional vaulting and tokenization and associated tools? 

One of the things that we observe is that more and more tools are starting to become available as more capabilities are being offered by providers or by the card brand networks. 

The main point of concern is that it is becoming more and more difficult to be aware of how to realise their full potential by effectively combining them. It is becoming a full-time job for people to manage their vault as they have to understand what all of the capabilities of these various providers are and the proper way to sequence them – conditions that would lead you to take different sets of next steps. Consequently, we are beginning to witness that the limitations lie more in getting the value out of them, educating the marketplace, and making optimal use of all those tools in concert with each other. 

Can you give a few examples of how payment credential vaulting is used to improve customer experience and improve payments? 

We are used to making a purchase, and if it is a provider that we've worked with, and we usually have repeat engagement with providers, we expect to be recognised. We expect the way that we have paid in the past to be immediately available. We expect that merchant to have put some effort into keeping that payment method that we stored with them firstly secure and secondly always readily available and fresh for use. 

That gets even more interesting when you start to work on a given platform. For instance, if you are shopping through a platform, regardless of the merchant underneath that you're engaging with, you expect that platform to have recognised you. 

META, for example, is processing a high volume of payments and engaging with lots of merchants on their platform. However, whenever you check out, your payment methods are there regardless. Even if you don’t necessarily recognise that you're engaging through the same platform, you are – and you appreciate the fact that that payment method is fresh and ready for you. 

I believe that these examples of ease of use are starting to take hold. Certainly, this is not a brand-new concept. However, the opportunity lies in executing it well and optimising it to ensure there is a minimal set of friction in the process. 

What can we expect in the future? 

I believe we are currently living through an interesting period. Nonetheless, data security must be the foremost concern for merchants. Nowadays, no one wishes to face the negative consequences of failing to do what they should have done to effectively protect data. At the same time, there's always that push and pull of how to achieve a secure outcome while making sure that your customers are delighted with the payment experience you provide and that you're not losing any sales opportunities because of that. Hence, achieving this balance becomes a difficult task for merchants. The good news is that there are new techniques and tools to be aware of that can help you do that efficiently. 

One such tool that businesses can leverage is Spreedly’s Advanced Vault solution. This new vault product seeks to optimise the storage, renewal, and utilisation of one's payment methods by leveraging network tokenization, modern lifecycle features, and management. The new vault empowers users to boost acceptance rates, reduce expenses, and cater to the requirements of cardholders. 

Given that the new technology used to develop the Advanced Vault can actively monitor and maintain payment methods, customers will be able to minimise unnecessary expenses associated with account updates, reduce duplicate payment methods, improve data quality, and lessen the likelihood of transaction declines. 

About Spreedly 

Spreedly's Payments Orchestration platform enables and optimizes digital transactions with the world’s most complete payment services marketplace. Hundreds of customers worldwide secure card data in Spreedly’s PCI-compliant vault and use tokenized card data to enable and optimize over USD 45 billion of annual transaction volumes with any payment service.

Free Headlines in your E-mail

Every day we send out a free e-mail with the most important headlines of the last 24 hours.

Subscribe now

Keywords: Spreedly, payments orchestration, payment credentials, PCI DSS, tokenization, network tokenisation, digital wallet, merchants, payment methods
Categories: Fraud & Financial Crime
Companies: Spreedly
Countries: World
This article is part of category

Fraud & Financial Crime


Discover all the Company news on Spreedly and other articles related to Spreedly in The Paypers News, Reports, and insights on the payments and fintech industry:

Industry Events