The Reserve Bank of India (RBI) has directed that banks will need to create tokens for all debit and credit card details used in online, point-of-sale and in-app transactions with effect from October 1, 2022.
Currently, debit or credit card credentials such as the owner’s name, 16-digit card number, card verification value (CVV) code and expiry date are stored with the online platform for payment.
As per the new RBI directive, if an individual opts for card-on-file (CoF) tokenisation of a debit or credit card, the card number will be replaced with a token and this unique value will be shared with the merchant, instead of the actual card details.
The consumer will have to key in their entire card details when they shop on an e-commerce platform or mobile app. At the time of purchasing a product, the merchant will initiate tokenisation and ask for consent to tokenise the card. When a consumer gives their consent, the merchant will send the request to the card network.
The tokenisation process, which is applicable for domestic card transactions, is completely free of charge.
The process of tokenisation is aimed at reducing online fraud by making customer details more secure.
The three-step process to tokenisation:
- A customer needs to punch in their card details on the merchant website or mobile application
- They must agree to securely save their card once by selecting the ‘secure your card as per RBI guidelines’ or ‘secure your card’ option
- Finally, they must enter the one-time password (OTP) received via SMS
Rajiv is an independent editorial consultant for the last decade. Prior to this, he worked as a full-time journalist associated with various prominent print media houses. In his spare time, he loves to paint on canvas.
