The Reserve Bank of India’s (RBI) card-on-file (CoF) tokenization regulations went into effect on Saturday (October 1) with the intention of enhancing the security and safety of card transactions. Now, merchants, payment aggregators, and payment gateways won’t be able to keep critical customer credit and debit card details including the three-digit CVV and expiration date for any purchases made online or through mobile apps. The RBI made the decision not to continue extending these deadlines for implementing these rules.
Read More: What Happens to Unclaimed Investments from PPF, NSC or SCSS? How to Track Them?
What is tokenisation?
Tokenization is the process of replacing actual card data with a unique alternate code called the “token.” The token must be different for the card, token requester (the company that accepts client requests for card tokenization and forwards them to the card network to issue a relating token), and device.
How will tokenisation work?
By starting a request on the app that the token requester provides, the owner of a debit or credit card can have their card tokenized. The token requester will send the request to the card network, which will provide a token matching the combination of the card, the token requester, and the device with the approval of the card issuer. The customer won’t pay anything to use the tokenization service.
Before, only interested cardholders’ mobile phones and tablets had access to the facility for card tokenization. The RBI then made the decision to expand the scope of tokenization to encompass consumer devices like as laptops, desktops, wearables (wrist watches, etc.), and Internet of Things (IoT) devices as a result of an increase in tokenization activity.
Read More: Know if your medicines are real or fake: QR codes will soon detect counterfeit medicines, here’s how
How to tokenise your debit card?
1. Visit any online store or vendor application to make a purchase and begin the payment process.
2. When checking out, enter your debit or credit card information. Alternately, pick a debit or credit card from the pre-selected list from the bank of your choice, then finish the rest of the form.
3. Select either “Save card as per RBI standards” or “Secure your card.”
4. To confirm the purchase, enter the OTP that your bank gave to your email or mobile device.
5. The store receives the produced token and saves it along with the client identifying information (such as email address or mobile number).
6. When a customer visits the same e-commerce or dealer website, the last four digits of the saved card are shown, making it simpler for them to recognise it throughout the transaction. This demonstrates how a customer’s debit card has been tokenized.
7. A special token is generated for each merchant website that has to hold debit card data.
