In today’s digital-first economy, the battle against online fraud is more complex than ever.1 As eCommerce continues to grow, so too does the sophistication of fraudsters.
To stay ahead, businesses need more than just a single line of defense; they need a layered, smart approach. Visa’s powerful suite of Tokenization and Verification Services can help you build these layered defenses.
Why tokenization alone isn’t enough
Visa Tokenization replaces sensitive card data with a unique digital identifier—or token—that protects cardholder information during transactions.2 It’s a powerful tool that reduces the risk of data breaches and unauthorized use. But while tokenization secures the transaction, it doesn’t verify the legitimacy of the account or the identity of the user (beyond the initial provisioning steps to establish the token).
The power of layering: Verification services in action
When combined with tokenization, Visa’s Verification Services—Account Verification (AV), Address Verification Service (AVS), and Account Name Inquiry (ANI)—can help you create a multi-dimensional shield against fraud.
1. Account Verification (AV): Confirming card authenticity
AV checks whether an account is valid and in good standing before a transaction is processed. When used alongside tokenization, it ensures that even if a token is presented, the underlying account is legitimate. This is especially useful for recurring and card-on-file payments, where you need to validate an account without charging it.
2. Address Verification Service (AVS): Matching billing details
AVS compares the billing address provided by the customer with the one on file at the issuing bank. This adds a critical layer of validation, particularly for card-not-present transactions. When paired with tokenization, AVS helps confirm that the tokenized card is being used by the rightful owner, reducing the risk of fraudulent purchases.
Combining AVS with tokenization can reduce card-not-present fraud to as low as 2.2 bps from 7.3 bps with token alone, and 7.2 bps with AVS alone,3 and we see more merchants using AVS with tokenization than without in card-not-present transactions.4
3. Account Name Inquiry (ANI): Verifying identity at the source
ANI allows merchants to verify the name associated with a card account, a game-changer for onboarding and high-risk transactions. By confirming that the name provided matches the issuer’s records, ANI can help you prevent synthetic identity fraud and account takeovers—two of the fastest growing threats in digital commerce.
The impact: Better fraud detection, fewer false declines
Together, these services create a robust fraud prevention framework that not only detects suspicious activity but also improves the customer experience. By validating transactions more accurately, businesses can reduce false declines—those frustrating moments when legitimate customers are turned away.
A smarter, safer way to transact
Better fraud prevention means layering tokenization and verification together so you can better protect your customers, reduce fraud losses, and build trust in every transaction.
In a world where digital threats evolve daily, combining tokenization with verification services isn’t just smart—it’s essential.
Learn how Visa Account Verification can make payment experiences more seamless:
1 https://corporate.visa.com/content/dam/VCOM/corporate/services/documents/vca-helping-maximize-merchant-success.pdf
2 https://www.visaacceptance.com/en-us/blog/article/2025/tokens-are-key-to-future-proofing-payments.html
3 Visa auth data. Fraud rates use positive matches for AVS and CVV2, as per token and 3DS being where token and 3DS have been successful. AVS F2S shows both full-match/match-partial. 3DS covers both methods, with challenges called out separately (Chg). Approval rates are based only on influenceable auth responses (00,05,10,59,6P,P5,N7*,85,93,12) and 3DS=ECI5. Disputes are disputes to sales $.
4 Visa card not present transaction and Token and AVS usage data sourced from Visa Auth Table (July-2024 to July-2025). AVS is identified using avs_rslt_cd in (‘Y’, ‘A’, ‘Z’, ‘N’, ‘R’, ‘U’) and token_tran_ind is used to identify token transactions. Visa card not present is defined using pos_entry_mode_cd and pos_cond_cd.
Disclosure: Case studies, comparisons, statistics, research, and recommendations are provided “AS IS” and intended for informational purposes only and should not be relied upon for operational, marketing, legal, technical, tax, financial, or other advice. Visa neither makes any warranty or representation as to the completeness or accuracy of the information within this document, nor assumes any liability or responsibility that may result from reliance on such information. The information contained herein is not intended as investment or legal advice, and readers are encouraged to seek the advice of a competent professional where such advice is required.