The Reserve Bank of India has said that the payment ecosystem in India is ‘by and large’ prepared to adopt the tokenisation rule from July 1. The comment came from the RBI earlier this month, after it had extended the deadline to tokenise debit card and credit cards from January 1 to July 1. After the credit card and debit card tokenisation rule gets implemented across the country, domestic online merchants will not be allowed to store customer data on their servers. This is being done to protect customer privacy, the RBI has said.
What is Debit Card, Credit Card Tokenisation?
As per the RBI website, “Tokenisation refers to replacement of actual card details with an alternate code called the “token”, which shall be unique for a combination of card, token requestor (i.e. the entity which accepts request from the customer for tokenisation of a card and passes it on to the card network to issue a corresponding token) and device (referred hereafter as “identified device”).”
This token contains no personal information that can be directly accessed and keeps changing making it the most secure method to complete payments, says India’s largest public sector bank State Bank of India on its website. Once credit card and debit card tokenisation is done, payment aggregators, wallets and online merchants will not be able to store your card data including debit or credit card number, CVV, card expiration date and other sensitive information. Banks and online merchants have been sending alerts to their customers already to tokenise debit or credit cards.
What Happens if Credit Card, Debit Card Tokenisation is Not Done Before July 1?
By this time, you would have received notifications from online merchants and banks to ‘tokenise’ your cards to smoothly carry out payments. However, the process is not mandatory. If you do not tokenise your card by July 1, you will have to re-enter all card details while purchasing anything online. This is because existing data will be deleted from the server.
Benefits of Card Tokenisation
i. Debit card and credit card tokenisation will ensure more secured online transactions as there will be no data of the customer stored at the merchants’ website or mobile application. A tokenised card transaction is considered safer as the actual card details are not shared/ stored with the merchants to perform the transaction, says the SBI website.
ii. A customer will experience faster and smoother checkouts since card details including 16-digit card number, name on card, and its expiry date will not be required to enter with tokenised cards. However, CVV and OTP authentication requirements will continue to be in place as an added layer of protection for customers, including those who have provided consent to debit card and credit card tokenisation.