How to Improve Security while Simplifying the Checkout Process with your Own Buy Button

A customized buy button allows merchants’ to access the Moneris’ vault and tokenization system in order to store and encrypt their customers’ credit card information. Customized buy buttons are ideal for merchants who have a loyal customer base that makes repeat purchases or subscribes to regularly billed services (such as a gym membership or magazine service).


Access to Moneris’ vault and tokenization system, enables merchants to create a safer checkout process for their customers and themselves.

  1. The Vault:
    • Stores credit card information (credit card number, expiry date, and customer info) on the Moneris Gateway, rather than on the merchant’s server.
    • Card numbers and customer’s personal information will not pass through the merchants’ server, reducing the possibility for security breaches.
  2. Tokenization:
    • Moneris gateway assigns a 25 character alphanumeric code called a token to the specific credit card numbers
    • Tokens are used during transactions in lieu of credit card numbers

The combined use of tokenization and the vault may decrease the risk of a security breach. It also works to make sure that in the unlikely case of a breach, no sensitive authentication data is compromised. This greatly reduces merchant liability, and also ensures that the customer feels safe providing their card information to the merchant.

The customer experience

  1. Customer creates an account with the merchant that links their credit card to personal information, including shipping and billing addresses.
  2. Information is sent to the Moneris Gateway and sensitive authentication data is stored on the vault. A token is generated for the credit card and linked to the customer account.
  3. The token and a masked PAN are sent back to the merchant (the masked PAN is used as an identifier for the customer, so their account can have multiple cards linked).
  4. Customer can now make purchases without filling in card details.

Once the customer account is created and the token is generated, the customer can pay by simply selecting their chosen card and entering their secure password. The merchant then builds a payment request, which is sent to Moneris, using the token. Moneris then locates the card information linked with the token in the vault, and processes the payment.