Policies, Codes & Other Documents
Credit and debit cards offer exciting discounts, exclusive perks, and lightning-fast payments. But have you ever wondered if entering your card details on shopping websites is safe? Not quite. Therefore, the RBI has introduced tokenised payments.
Here is all you need to know about the RBI tokenisation mandate.
If you are an avid card user, the chances are that you have your card information stored on your favourite e-commerce portals. During the checkout process, you can auto-fill it with just a click. While this option is convenient, it poses a security risk. In recent years, there have been countless theft attacks on merchant websites. Hackers have stolen sensitive credit card information, jeopardising the security of thousands of customers.
Concerned about customer data privacy, the RBI has introduced card tokenisation. This new rule of debit and credit card tokenisation is mandatory for domestic purchases and will come into effect from July 1st, 2022.
But what is card tokenisation, and how does it affect you? Let’s explore.
Tokenised payments are a security measure that has long been on the RBI’s agenda. Under the new credit card tokenisation rules, e-commerce platforms cannot store your card details. These include your card number, name, expiry date, or CVV. Instead, they will only be able to access a ‘token value’ representing your card.
This token value is a random number that has your card number mapped to it. Does this sound familiar? This may remind you of the token system you follow in self-service fast-food restaurants. The server only must read your unique token number to give you your order, and they don’t need to know your name or personal details.
The same is the idea behind the tokenisation of cards by the RBI.
When you shop through an app or a website, the merchants facilitate the card payments. So, they store your card details after encrypting them through their own security protocol. However, if their security measures are inadequate, your financial details are at risk. Preventing this is the primary motivation behind the RBI tokenisation mandate.
So, from July 1 onwards, online merchants will have to delete their customers’ debit and credit card information from their records. Instead, this information will be replaced by digital tokens generated as per the RBI’s security guidelines.
By introducing mandatory credit card tokenisation, the burden of security is now on the payment gateways and credit card providers, not on merchants. Thus, the tokenisation of cards by the RBI benefits both the customers and the merchants.
The process of tokenising your cards is simple. You just need to consent to an AFA (an additional factor of authentication.) So, the next time you make an online payment using your debit card or credit card, follow these steps:
And that’s it. Your card is now tokenised, and all your card details are safe. Now you can go ahead and authorise the payment with your CVV.
Will the tokenisation of cards by the RBI affect how you make payments? Yes, but only for the better!
Credit and debit card tokenisation by RBI is a step in the right direction for promoting customers’ online safety. It is a quick one-time process, costs nothing, and guarantees secure online payments in the future. So, leverage RBI tokenisation as soon as you can and enjoy shopping without any stress.
Policies, Codes & Other Documents