The Brands consider tokenization a form of stored credential and therefore merchants using tokenization should obtain cardholder consent to put the credentials on file. Each transaction processed with an ETS token should include the CardOnFileData block.

It is the merchant's responsibility to provide the CardOnFileData block in the transaction request to Portico:

• When requesting a new token, request as Initial CoF.
• When processing a transaction with a token, request as Subsequent CoF.
• When storing the token, merchant systems should be updated to also store the CardBrandTxnId of the first or most recent approved transaction.