The payment token replaces the card or electronic check bank account number, and optionally the associated billing, shipping, and card information. No sensitive card information is stored on your servers, thereby reducing your PCI DSS obligations.
Instrument identifier tokens created using the Token Management Service (TMS) and third-party tokens represent a payment card number or bank account number. The same card number or bank account number sent in multiple token creation calls results in the same payment token being returned. TMS instrument identifier and third-party tokens cannot be updated. If your merchant account is configured for one of these token types, you receive an error if you attempt to update a token.
When using Secure Acceptance with tokens that represent only the card number or bank account, you must include associated data, such as expiration dates and billing address data, in your transaction request.