The Secure Exchange of Payment Information (SEPI) component as part of the digital euro generic payment workflow shall support tokenisation and detokenisation of transactional information (such as transaction amount etc.) and/or reference sensitive information (such as the payment instrument etc) on request of a Payment Service Provider (PSP). The communication/messaging between the SEPI component, PSPs and its surrounding components shall be based on standards provided by the digital euro scheme rulebook. Data to be (de)tokenised may vary depending on the end user (individual user or merchant), type of payment device (mobile phone, card etc) as well as the use case (including person-to-person, point of sale and e-commerce). To meet the SEPI components objectives mentioned above, the scope of the service foresees the following functionalities to be provided (non-exhaustive list): - generation of a surrogate value as a result of a tokenisation request triggered by a PSP as part of the generic payment workflow; - respond to the tokenisation request with the generated surrogate value in a format which may support the form of a QR code, a hyperlink, or in a format to enable NFC payload generation; - maintain the lifecycle of the generated surrogate value such as suspend, remove or disable/enable a surrogate value upon the request of the relevant PSP; - enable surrogate value provisioning in the end user device; - enable the surrogate value requestor to restrict the usage of the surrogate value, for example to a specific merchant or a specific payment domain; - detokenise and provide the underlying data associated to a surrogate value as a result of a detokenisation request by a PSP; - provide relevant surrogate value validation functionalities within the component before tokenising, de-tokenising and provisioning; - ensure the confidentiality, integrity and availability of the associated data of a surrogate value by adhering to the highest security standards; All of the functionalities within the scope of service are part of the payment initiation functionality of the digital euro. Therefore, despite the high volume, it must process the (de)tokenisation requests at the lowest possible latency.