Authorize.net offers a feature to their base Gateway account called "CIM" or Customer Information Management". This feature allows for several key features:
- Tokenization of all payment methods and credit card data.
- For shoppers that have an account on your site, they may securely save up to 10 payment methods in their account for future use. This data is safely stored on Authorize.net's servers.
- Shoppers are given a unique ID that that Authorize.net sends to your site for authorization and capture of purchases when a saved payment method is used.
- You can see and manage saved shopper profiles within Authorize.net.
- New orders may be placed from within Magento using a shopper's saved data.
- Partially shipped orders can be re-authorized and captured from within the order even when your shopper does not have a saved payment method.
- PCI/DSS Compliance is maintained by Authorize.net.
Tokenization replaces sensitive credit card data with a token, or a unique customer ID. That token is then passed between the site, the gateway account and your credit card processor.
- Tokens are unique to the gateway account you use. For example, if you changed gateway account providers, your tokens or customer data could not be used with the new gateway.
- If a token were stolen, it could not be used at any other merchant or gateway.