The Reserve Bank of India (RBI) has decided to defer the implementation of tokenization of debit and credit cards for online transactions by a further six months following representations from stakeholders.
Context
The Reserve Bank of India (RBI) has decided to defer the implementation of tokenization of debit and credit cards for online transactions by a further six months following representations from stakeholders.
Decision of RBI
- RBI has also extended tokenization of Card-on-File (CoF) transactions where card details are saved by merchants — and directed the merchants not to store card details in their systems from January 1, 2022.
- A CoF transaction is one in which a cardholder has authorized a merchant to store his or her Mastercard or Visa payment details, and to bill the stored account.
- E-commerce companies and airlines and supermarket chains often store card details.
What is Tokenisation?
- Tokenisation refers to the replacement of credit and debit card details with an alternative code called a ‘token’.
- This token is unique for a combination of card, token requestor (the entity that accepts a request from the customer for tokenisation of a card and passes it on to the card network to issue a token) and the device.
Benefits of Tokenization
- Transaction safety: Tokenization reduces the chances of fraud arising from sharing card details.
- Easy payments: The token is used to perform contactless card transactions at point-of-sale (PoS) terminals and QR code payments.
- Data storage: Only card networks and card-issuing banks will have access to and can store any card data.
??How are the transactions processed?
- There are many players involved in processing one card transaction in today times:
- Merchant
- Payment aggregator
- Issuing bank
- Card network
- When a transaction happens on a merchant platform, the data is sent to the payment aggregator (PA).
- The PA next sends the details to either the issuing bank or the card network.
- Then issuing bank sends an OTP and the transaction flows back.