Keep every stored card when you change PSPs. Earn the network-token uplift the schemes publish, on Visa, Mastercard, and American Express at once. Audit the whole credential lifecycle from one surface.
tok_*Most "tokenization" is gateway tokenization: a placeholder reference scoped to a single PSP’s vault. Veliro provisions credentials directly with the networks, bound to your merchant identifier, recognized across acquirers, never inside a PSP scope.
Merchant application
api.veliro.com · TLS 1.3 · mTLS opt
Veliro credential layer · Level 1 PCI
provisioning · direct connect
Card networks · direct
authorization · token + cryptogram
PSP & acquirer · rotatable
Portability across PSPs, scheme-published authorization uplift, one operational surface, and interchange plus PCI scope savings. Each outcome below is backed by evidence you can audit, not a marketing claim.
Credentials land on your network identifier, not a gateway vault. A processor change is a routing-policy edit: same tok_* on every acquirer, no customer comms.
tok_* across acquirers, zero opt-in funnels.Tokenized CNP interchange runs roughly 10 basis points lower5 than PAN CNP on typical Visa and Mastercard programs. Secure Fields keeps card data off your servers so PCI scope contracts to SAQ‑A6.
MDES, VTS, and AETS on one integration, with the right TAVV, UCAF, or AEVV cryptogram per transaction. Visa reports a +4.6% CNP approval lift1 for tokenized vs non-tokenized credentials.
Mastercard, Visa, and Amex publish their own uplift bands. Most teams ship one PSP and leave the rest of that revenue on the table. Veliro retrieves all three cryptograms with the correct ECI indicator and lets you attribute the uplift against your own baseline.
Every credential, cryptogram, and signed lifecycle event in one audit trail. Twelve event types and a wildcard; HMAC-SHA256 signed; replayable per delivery.
No fan-out across three network portals, no PSP-shaped data model in the middle. Lifecycle ships into BigQuery, Snowflake, or your OpenTelemetry pipeline in its native event shape.
Veliro isn’t an engineering-only decision. Each role below gets something specific when you go live, whether that is four teams or one engineer wearing four hats. No dedicated payments team required.
One REST contract from sandbox to production. Idempotency-Key on every mutating call; signed webhook events you can replay per delivery.
POST /v1/tokens
Idempotency-Key: 8d…f3
{ "card_on_file": "cof_01H…" }One audit trail across MDES, VTS, and AETS. Suspend a credential without an engineering ticket; replay an event window the same way.
Scheme benchmarks on tokenized CNP price ~10 bp under non‑tokenized and report 28–34% less fraud on the same volume. Secure Fields contracts the checkout from SAQ‑D to SAQ‑A; the annual QSA bill follows.
| Interchange (CNP) | −10 bp5 |
| Fraud (CNP) | −28–34%3 |
| PCI scope | SAQ‑D → SAQ‑A6 |
The audited boundary. The vault contains your PCI scope: SOC 2, PCI Level 1, and ISO 27001 attestations on the same surface.
Search credentials, replay lifecycle events, and reconcile changes across networks from one surface. Built for whoever runs payments day to day: a dedicated ops team or one engineer with ops on their plate.
Consolidate the credential estate onto one surface. Keep the network-token benefits the schemes publish. Keep every PSP a choice you can revisit on a Tuesday.
The credential layer is the one piece of payments infrastructure you should never rent from a processor. Own the token, own the cryptogram, own the audit trail, and a PSP becomes a routing decision you change on a Tuesday.
Tokens, cryptograms, and lifecycle are orthogonal REST resources. Compose them, don’t subscribe to a flow. Each links to the API reference on the homepage with request schema, idempotency semantics, and scheme coverage.
Credentials provisioned to your merchant identifier on Visa VTS, Mastercard MDES, and Amex AETS. The credential follows you across PSPs and networks.
POST /v1/tokens · synchronous · idempotent
Per‑transaction TAVV, UCAF, and AEVV cryptograms with the right ECI indicator. Single‑use, short TTL, idempotent by request key.
POST /v1/merchants/{m_id}/tokens/{id}/cryptogram · single‑use
Signed events for every credential state change. Replayable per delivery, rotatable signing secret, wildcard or per‑type subscriptions.
POST /v1/webhooks · 12 event types
The vault boundary contains your PCI scope by architecture. Attestation status and audit timing live in the trust center.
Detailed attestation status and audit timing live in the trust center (NDA).
Every Veliro engagement starts in the same self-serve sandbox and grows from there. No payments team required to get your first token on a network, and a demo whenever you want a walkthrough.
A self-serve sandbox with full network-token coverage. Same API surface as production.
pk_test_* / vk_test_* sandbox keysProduction pk_live_* and vk_live_* keys, a dedicated success engineer, and network‑token uplift attributed against your baseline.
For merchants with BYOK signing keys, custom retention, and bespoke network program entitlements.
Sandbox key in minutes. First portable credential on a network soon after. Then keep it, whatever PSP you pick next.