Reserve Bank of India (RBI) has instructed merchants to stop storing sensitive card-related customer information. This includes full card numbers, expiration dates, and security codes. Instead of storing this information, merchants will generate a unique ‘token’ that can be used to process payments. The deadline for card tokenisation is September 30, 2022.
How is your card data used today?
When you make a payment using a debit or credit card, you must provide your card information, including the card number, name, expiry date, and the three-digit CVV. The merchant’s platforms save these card details using masking and other security procedures. When retailers utilise payment processors directly, the card information is retained by those processors.
What is card tokenisation?
Tokenisation is substituting a sensitive data element with a non-sensitive equivalent, referred to as a token with no extrinsic or intrinsic value. Card tokenisation protects sensitive data such as credit card numbers, account numbers, and other Personally Identifiable Information (PII). Credit and debit cards typically use a 16-digit primary account number (PAN) as their identifier. When a card is tokenised, the PAN is replaced with a random string of numbers, letters, or both (a token) that has no meaning outside of the specific transaction in which it is used. The token can be single-use or multi-use and is assigned by the card issuer or payment processor. The payment processor stores the relationship between the token and the PAN in a secure token vault database. When a consumer uses their token at participating merchants, the payment processor uses the token vault to look up the corresponding PAN and route the transaction to the card issuer for authorisation.
Card tokenisation can be used for both in-person and online payments.
What are the benefits of card tokenisation?
The RBI is pushing for the widespread adoption of card tokenisation to reduce fraud and increase security in the Indian payments ecosystem. Tokenisation helps to protect consumers by preventing their card data from being stolen and used for fraudulent purposes. In addition, tokenisation can also help reduce errors and improve payment processing efficiency. The RBI’s push for card tokenisation is an important step in making the Indian payments system more secure and efficient.
Is card tokenisation mandatory?
While card tokenisation is not mandatory, it is something that you should seriously consider if you regularly use your card for online or contactless payments. Tokenisation adds an extra layer of security to your transactions and can help to protect you from fraudsters.
What are the charges that the customer needs to pay for card tokenisation?
The customer need not pay any charges for availing of this service.
How to tokenise your cards?
The next time you use your debit or credit card to pay for something online, You will be prompted by the payment processor to “Save card according to RBI guidelines” or “Secure your card.”
Click “Save,” and then enter the OTP you get on your phone.
Your card will be tokenised.
Hope you enjoyed this article. For more articles please visit my blog: https://rahulsblog.com