That's a great question. Vault Operation is what the SED uses to capture and store sensitive cardholder data. In the response, from a create request, you will receive a GUID which will represent the cardholder data. You’ll use this GUID in future transactions in place of this data. Vault Operations is covered in page 34 of the SED 2.0 XML Messaging pdf document. Also, you will find an example of a GUID being used with a transaction on page 23 of the same pdf document. Also, I've included some details below that may help.
A basic "Vault Only" (ie, tokenization sans any actual charge) request will look something like this:
<Request_v1 xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
This'll collect the credit card (or ACH) data and return the resultant token back to you. The VaultStorage.Service element takes standard CRUD values so, if you wanted to update an existing token, for example, you'd change it to --
-- where GUID is the existing token to reference.
You can also add that same VaultStorage element to a payment request (PaymentType element) -- you might want to add a "CREATE" operation to charge a card and tokenize it for subsequent payments, for instance. Or, if you have a token and want to save your user some typing, you could do a "READ".
© 2019, Paya Inc. or its licensors.
All other trademarks are the property of their respective owners.