In order to boost security of card details saved online, the National Payments Corporation of India (NPCI) on Wednesday announced the tokenisation system for RuPay cards as an alternative to storing card details with merchants.
“The NTS will support the tokenization of RuPay cards to further enhance the safety of customers and provide a seamless shopping experience to consumers," NPCI said in a statement.
NPCI said the sensitive customer information will be stored in the form of an encrypted 'token' to help secure transactions, in accordance with RBI guidelines.
These tokens will allow payments to be processed without disclosing the customer details or allowing the payment intermediaries to store customer data that could breach security and privacy, it said.
With NTS, acquiring banks, aggregators, merchants and others can get themselves certified with NPCI and can play the role of token requestor to help save the token reference number against all card numbers saved.
All these businesses can maintain their RuPay consumer base utilising token reference on file (TROF) for future transactions initiated by their respective RuPay consumers, NPCI said.
The fool-proof and transparent system will ensure that no customer-sensitive information is leaked. Tokenisation will also help in reducing the friction in the payment process by providing a faster check-out experience to the customers.
"The RBI's guidelines on card tokenisation is to enhance the safety of the digital payments ecosystem in the country.
"We are confident that the NPCI Tokenization System (NTS) for the tokenisation of RuPay cards will instill further trust in the millions of RuPay cardholders to carry out their day-to-day transactions securely," Kunal Kalawatia, chief of products, National Payments Corporation of India, said.
He hoped that the unique card-on-file tokenisation solution will not only safeguard customers' confidential data but will also further strengthen the overall digital payments environment.
Recently, in a bid to ensure security of card data, the Reserve Bank of India (RBI) enhanced the scope of tokenisation and permitted card issuers to act as token service providers (TSP).
Under tokenisation services, a unique alternate code is generated to facilitate transactions through cards.
The RBI extended the device-based tokenisation to card-on-file tokenisation (CoFT) services, a move that will bar the merchants from storing actual card data.
Card-on-file refers to card information stored by payment gateway and merchants to process future transactions.
