Tokenisation Of Debit & Credit Cards; Here’s How To Comply

New Delhi: Come September 30 and all credit and debit card data used in online, point-of-sale, and in-app transactions be replaced with unique tokens. The Reserve Ban of India (RBI) created new regulations to safeguard customers in response to unsafe online practices.

These tokens will allow payment to be made without disclosing customer details. Reserve Bank of India guidelines make it mandatory to replace the original card data with an encrypted digital token. This means that debit and credit card transactions will be safer and more convenient.  Tokenisation’s higher level of security will improve the payment experience for cardholders. Card details will be stored as an encrypted “token” to help customers make secure transactions.

Additionally, it will improve cardholders’ online transactional experiences and safeguard your card information from online fraudsters.

According to the RBI, “Tokenisation refers to the replacement of actual card details with an alternate code called the ‘token’, which shall be unique for a combination of card, token requestor (i.e. the entity which accepts a request from the customer for tokenisation of a card and passes it on to the card network to issue a corresponding token) and device (referred hereafter as “identified device”).”

For simplicity of payment, credit card information such as number, CVV, and expiry date are frequently maintained on the merchants’ databases. But there are security risks associated with this data.

Some websites’ data storage systems have previously been compromised and exposed to the public.

Debit or credit card information cannot be stored by any entity other than card issuers or networks, according to guidelines issued by the RBI. It’s necessary to delete any already-stored data.

The tokenisation system is totally free of charge and it provides a smoother payment experience while securing one’s card’s data.

Also, tokenisation is only applicable to domestic online transactions.

The new debit and credit card rules were set to come into effect from July 1, 2022, but have been extended after receiving a range of representations from different industry bodies.

How to generate tokens

Step 1: To make a purchase and begin a payment transaction, go to any e-commerce merchant website or application.

Step 2: Choose your card. Enter your debit or credit card details and any additional information while checking out.

Step 3: Secure your card. Tokenise your card per RBI guidelines or choose the “secure your card as per RBI guidelines” option.

Step 4: Authorise the creation of the token. To complete the transaction, enter the OTP that your bank sent on your mobile phone or email.

Step 5: Create a token. The data of your card has been replaced with a token that has been produced and retained.

Step 6: To help you recognise your card while making a payment, the last four digits of your saved card are displayed when you visit the same website or application again. In other words, your card has been tokenised.