RBI's credit and debit card tokenisation regulations to start from October 1; Know more

The Reserve Bank of India (RBI) has announced that new credit and debit card tokenisation regulations would be put into effect starting on Saturday, October 1, 2022. As per the RBI, all credit and debit card details which will be used for online, in-app, and point-of-sale (POS) transactions should be replaced by unique tokens by September 30. Tokenisation adds an extra degree of security to the digital payment process, which should improve the customer experience. 

Many organizations, including merchants engaged in an online card transaction chain, retain card details including card number, expiration date, and more. The availability of a user's card information with many entities raises the danger of data breach, which may be further exploited for fraudulent transactions. 

What is the objective behind this change?

Under the CoF (card-on-file) tokenisation regulations of RBI, credit and debit cardholders would have to use certain numbers, such as tokens, while starting online transactions. The major goal of this new modification is to prevent the storage of sensitive information about cardholders during the processing of online payments, including CVV, card number, expiration date, and other sensitive information. Since no other institution can retain card information besides card issuers and card networks, RBI has announced that "tokenisation" of cards would be introduced. 

According to the RBI, “Tokenisation refers to the replacement of actual card details with an alternate code called the “token”, which shall be unique for a combination of card, token requestor (i.e. the entity which accepts a request from the customer for tokenisation of a card and passes it on to the card network to issue a corresponding token) and device.” 

Additionally, the RBI also noted that tokenisation is solely relevant to domestic cards and is completely free. 

As a result of the RBI's new credit and debit card guidelines, customers will now need to enter all of their card information each time they want to make an online payment, or they can choose to utilize tokens to ensure safe online transactions. 

Steps for credit and debit card tokenisation

Furthermore, the RBI states that tokenising your cards can be done in some simple steps: 

Go to any online app or e-commerce /merchant website and initiate a payment transaction 

Enter the debit or credit card information throughout the checkout process. Or, choose your chosen bank's debit or credit card that you had previously saved as a payment method, and then input the remaining information. 

Tick the box next to "secure your card" or "save card as per RBI guidelines”. 

Complete the transaction by entering the OTP that was issued to your registered email address or cellphone number by the bank. 

Instead of using your card, a token will be created and saved. 

(Image: Pixabay/Representational Image)