RBI guidelines on card tokenisation

Why in news?

• The Reserve Bank of India has extended the implementation date of card-on-file (CoF) tokenisation norms by six months to June 30, 2022.
• This follows a series of representations from several industry players and digital payment platforms who anticipated disruption in online transactions from January 1 when the new rules were to originally kick in.

More about the news:

• In September 2021, the RBI prohibited merchants from storing customer card details on their servers with effect from January 01, 2022, and mandated the adoption of card-on-file (CoF) tokenisation as an alternative to card storage.
• It applies to domestic, online purchases.
• As per new guidelines, online players will have to delete any credit and debit card data stored on their platforms and replace them with token to secure card details of consumers.

What is tokenization?

• Tokenisation refers to replacement of actual credit and debit card details with an alternate code called the “token”, which will be unique for a combination of card, token requestor and device.

Why has RBI issued new guidelines?

• A tokenised card transaction is considered safer as the actual card details are not shared with the merchant during transaction processing.
• Customers who do not have the tokenisation facility will have to key in their name, 16-digit card number, expiry date and CVV each time they order something online.
• This could be cumbersome exercise and may impact transaction value, especially when done through stored cards. In case of multiple cards, each will have to be tokenised.

PRACTICE QUESTION:

The term ‘tokenization’, widely discussed in news, is associated with:

(a) Gene editing

(b) Data security

(c) Marine fishing

(d) Water purification

Answer