Do you often get worried about online transactions through a credit or debit card? If yes, you can heave a sigh of relief now. Online transactions are going to be much safer now with the introduction of a new data security process, known as tokenisation, by the Reserve Bank of India (RBI).
Tokenisation is a process of replacing the actual details of credit and debit cards with a unique encrypted code known as a ‘token’. The RBI first proposed tokenisation in March 2020 and September 2021 before laying the guideline for merchants to adopt the new data management process. The RBI has now extended the deadline for mandatory implementation of tokenisation by the merchants till Sep 30, 2022. Let’s look at why did the apex bank introduce tokenisation?
How Will Tokenisation Work?
On the online platform, your card details will be converted into a unique token and will be saved only with one merchant at a time. Instead of saving your actual card details, merchants will now use these unique tokens to process your transactions online through your debit or credit cards to overcome the data safety issues.
Why Did RBI Permit Card Networks For Tokenisation?
Soumee Bhatt, General Counsel, BankBazaar.com, explains, “Tokenisation will replace actual card details with an alternate code called the token. The Reserve Bank of India (RB) has issued guidelines for tokenisation because it is considered safer as the actual card details are not shared with the merchant when a transaction occurs. Also, it will be more convenient as someone who opts out of tokenisation must type in his name, card number, expiry date and CVV every time he processes an online transaction.”
Is Tokenisation of a card mandatory for a customer?
No, a customer can choose whether or not to let his card be tokenised. He also has the option to register or de-register his card for a particular use, such as contactless, QR code-based and in-app payments.
Stakeholders In Tokenisation Transactions
Typically, in a tokenised card transaction, the parties or stakeholders are the merchants including the merchant’s acquirer, card payment network, token requestor, issuer and customer. However, an entity other than those indicated may also participate in the transaction.
Whom should customer complaint?
“All complaints can be made to the card issuers. Card issuers will ensure easy access to customers for reporting a loss of identified device or any other event that may expose tokens to unauthorised usage,” adds Bhatt.
Also Read: Should you have more than one credit card?
The RBI has ensured that all safety mechanisms are put in place by the card network to ensure that the transaction request only originated from identified devices. Your transactions will be secured in the future as you will no longer be saving actual card details for online transactions.