WHAT IS RBI’S CARD TOKENISATION RULE?
Reserve Bank of India (RBI) recently extended the deadline for complying with the card information storage rules by another six months.
Key Facts
- Deadline was extended because merchants and payments companies expressed their inability to comply with the December 31 deadline.
- RBI took this decision as industry bodies had requested the central bank to extend the deadline from
- December 31 highlighting multiple challenges in implementing new guideline.
- Furthermore, merchants and banks were not prepared to switch to new system in specified time.
What are RBI’s guidelines on Tokenisation?
- RBI had issued new guidelines in September 2021. Under the guidelines, merchants will not be able to store customers’ card data in their servers.
- It prohibited merchants from storing customer card details as well as mandated for the adoption of card-on-file (CoF) tokenisation as an alternative to card storage.
- The new rule was to be implemented from January 1, 2022.
- As per RBI’s new directive on tokenisation, customer has to enter full card details each time to make payments online.
What is Tokenisation?
- Tokenisation means replacement of actual card details with an alternate code dubbed as “token”. The token will be unique for a combination of card, token requestor and device.
- This token us used to do card transactions in contactless mode at point-of-sale terminals, code payments and quick response.
What is Card-on-File (CoF)?
- In CoF transaction, cardholder authorises a merchant to store his/her Mastercard or Visa payment details. The cardholder then authorises same merchant to bill the stored Mastercard or Visa account.