What is credit, debit card tokenization rule effective July 1
The Reserve Bank of India (RBI) has mandated card-on-file (CoF) tokenization for domestic online purchases via credit and debit cards from July 1. Now, to protect privacy, merchants won't be permitted to store customer data like card numbers and card verification values (CVV) on their servers. To recall, the tokenization deadline was moved from January 1 to July 1 to ensure a smooth transition.
Why does this story matter?
The tokenization process is not compulsory and is done for free. It is only applicable to online transactions within India and promises a smoother as well as secure payment experience. Customers can also select where the tokens will be used and set up limits. It is believed that instances of data breaches will be reduced and the privacy of customers will be safeguarded.
What is tokenization?
The RBI describes tokenization as a replacement of the card details with an alternate code known as a "token." "It shall be unique for a combination of card, token requestor (the entity which accepts the request from the customer for tokenization of a card and passes it on to the card network to issue a corresponding token), and the device," according to the RBI.
What are the problems of not tokenizing a card?
It is not mandatory for credit card and debit card users to get their cards tokenized. However, in case it is not done, customers will have to type the card details every time something is bought online since merchants will not store any card-related data.
What are the steps of tokenizing a card?
You can head to a shopping website/application and initiate a transaction. At the time of checkout, select your preferred card payment option and enter the CVV details. Then, click on "Secure your card" or "Save card as per RBI guidelines," tap on save, and enter the OTP. The credit or debit card will now be successfully tokenized and secured.
