The Reserve Bank of India (RBI) has mandated that all credit and debit card data used in online, point-of-sale, and in-app transactions be replaced with unique tokens by September 30, 2022.
Tokenisation's higher level of security will improve the payment experience for cardholders. Your card details will be stored as an encrypted “token” to help customers make secure transactions.
These tokens will allow payment to be made without disclosing customer details. RBI guidelines make it mandatory to replace the original card data with an encrypted digital token. Thanks to tokenisation, your debit and credit card transactions will be safer and more convenient.
Additionally, it will improve cardholders' online transactional experiences and safeguard your card information from online fraudsters.
The RBI created new regulations to safeguard customers in response to unsafe online practices.
According to the RBI, "Tokenisation refers to the replacement of actual card details with an alternate code called the 'token', which shall be unique for a combination of card, token requestor (i.e. the entity which accepts a request from the customer for tokenisation of a card and passes it on to the card network to issue a corresponding token) and device (referred hereafter as "identified device")."
For simplicity of payment, credit card information such as number, CVV, and expiry date are frequently maintained on the merchants' databases. But there are security risks associated with this data.
Some websites' data storage systems have previously been compromised and exposed to the public.
Debit or credit card information cannot be stored by any entity other than card issuers or networks, according to guidelines issued by the RBI. It's necessary to delete any already-stored data.
The tokenisation system is totally free of charge and it provides smoother payment experience while security one's card's data.
Also tokenisation is only applicable to domestic online transactions.
The new debit and credit card rules were set to come into effect from July 1, 2022, but have been extended after receiving a range of representations from different industry bodies.
The Reserve Bank of India (RBI) has again extended the debit and credit card tokenisation rule deadline to September 30.
Here Are The Ways To Generate Tokens:
Step 1: To make a purchase and begin a payment transaction, go to any e-commerce merchant website or application.
Step 2: Choose your card. Enter your debit or credit card details and any additional information while checking out.
Step 3: Secure your card. Tokenise your card per RBI guidelines or choose the "secure your card as per RBI guidelines" option.
Step 4: Authorise the creation of the token. To complete the transaction, enter the OTP that your bank sent on your mobile phone or email.
Step 5: Create a token. The data of your card has been replaced with a token that has been produced and retained.
Step 6: To help you recognise your card while making a payment, the last four digits of your saved card are displayed when you visit the same website or application again. In other words, your card has been tokenised.
Are There Any Risks?
Though the Reserve Bank stated that the new process is "safer", there could be some "other security risks" involved.
"With card tokenisation, sensitive card data is substituted with tokens and no actual data is stored anywhere other than with the issuer, card network, and customer. Implementing tokenisation adds complexity to the existing IT structure as processing transactions will become more complicated and comprehensive," said Murari Sridharan, Chief Technology Officer, BankBazaar.com.
"Tokenisation does not eliminate all security risks but reduces the potential for data breach significantly, especially from third-party apps," he added.
0 Comments