Physical Address
304 North Cardinal St.
Dorchester Center, MA 02124
If you are familiar with e-commerce apps like Amazon, Paytm, Flipkart, etc. then you must have been familiar with the buzz around the term tokenisation.
In the course of the last few years, RBI as been deeply concerned with making online transactions more secure as fraudsters are always looking to cheat people via online means. Storing this information also increased the risk of fraud and cyberattacks from the ever-increasing scamsters in the internet age. There have been cases where the card data stored by the merchant has been stolen.
A tokenised card transaction is considered safer as the actual card details like card number, expiry date, etc. are not shared with the merchant during transaction.
Also Read: Last date to tokenise your card is September 30th 2022
As per the press release dated 24th June 2022, till date, about 19.5 crore tokens have been created. The number is expected to grow in the near future as many cards are yet to be enrolled.
What is tokenisation and de-tokenisation?
In simple words, the Tokenisation refers to replacement of actual card details with an alternate code called “token”, which shall be unique for a combination of card, token requestor (i.e. the entity which accepts request from the customer for tokenisation of a card and passes it on to the card network to issue a corresponding token) and device (referred hereafter as “identified device”).
Conversion of the token back to actual card details is known as de-tokenisation.
What is the process of registration for a tokenisation?
To create a token, the holder of the card has to go through a one-time registration process for each of its card at each and every merchant’s website/app, by entering the relevant card details and give its consent for a token creation. As a second layer of authentication, the consent given will be validated by way of AFA (Additional Factor of Authentication).
After following the above process, the token will be created which will be specific to that card and that merchant. This token can’t be used for payment at any other merchant.
At present, a customer can choose whether or not to let his / her card tokenised. Those who do not wish to create a token can continue to transact as before by entering card details manually at the time of undertaking the transaction (commonly referred to as “guest checkout transaction”).
Whether the details of the card will remain safe after the tokenisation ?
Yes, the card details will remain safe because the the real card details are not given to the merchant during transaction processing. After the tokenisation done by the customer the card details like card number, expiry date, token etc. are kept in a secured mode by the Authorised card networks.
Cardholders’ payment experience will be enhanced through an added layer of security by way of tokenisation.
What is the current card storage process used by merchants in India?
In order to make future purchases easier for cardholders, many organizations, including retailers, involved in an online card transaction chain keep card information called Card-on-File (CoF). Normally if your card data is encrypted then the merchants could store the cardholder’s name, primary account number (the 16-digit number on the front of the card), expiration date, and service code. Certain details like sensitive authentication data, PIN, CVV, or CVC (the three or sometimes four-digit code on the back of the card).
Although we do shopping ranging from stationery to heavy machinery like ACs and refrigerators online, we all have our favorite merchants to shop from. If you frequently shop from websites like Amazon, Flipkart then most likely you have saved your card details on those platforms for convenient transactions in the future.
No doubt that the transactions seem easier after saving our card details and it’s just one of the many other ways through which merchants lure us into shopping for more. When you have a recurring charge, for example, merchants want to save your card information. They can then automatically bill you each month without needing to obtain your credit card details.
Is tokenisation a safer method of card transaction?
The RBI ordered the use of card-on-file (CoF) tokenisation as a substitute for card storage in September 2021, limiting retailers from storing consumer card information on their computers beginning January 1, 2022. The deadline was later postponed to June 30, 2022.
This framework allows cardholders to generate “tokens” (a special alternate code) in place of the card information. The retailers can then store these tokens to perform transactions in the future. Tokenisation is the process of replacing original credit and debit card information with a different code known as the “token,” which will be specific to the card, token requestor, and device.
Since the real card details are not given to the merchant during transaction processing, tokenised card transactions are thought to be safer. Now users can be fairly confident that their card information will be stored only with approved 3rd party card tokenisation companies that are specifically regulated and mandated to keep the information safe.
FAQs on Tokenisation
How many cards can be requested for tokenisation?
There is no limit/restriction on card tokenisation request.
How much is the charge for each tokenisation?
The tokenisation service is absolutely free, there is no charge for tokenisation.
Is there any amount limit defined for tokenisation card transactions?
There is no amount limit which has been defined, however there could be the bank specific limit for per day transactions.
Who to be connected with if there is any issue in tokenised card?
The respective bank should be contacted if there is any issue with tokenised transaction/card.
Is there any possibility that the card issuer refuse tokenisation of a card?
Yes, card issuer can reject the tokenisation request basis the risk which it may consider or any other relevant factor.
Is it mandatory for the customers to tokenise their card?
Although it is not mandatory for customers to tokenise their cards if they don’t then each time they place an online order, they must enter their name, 16-digit card number, expiration date, and CVV. Tokenisation only makes transactions more secure and convenient for customers.
For the latest business and financial updates, follow and connect with us on Facebook, Twitter, and Linkedin!
To Get Finance News & Job Alerts Directly On Your Mobile Join Our WhatsApp Group