What is tokenisation of debit, credit cards?
- Under tokenisation services, a unique alternate code is generated to facilitate transactions through cards.
- It is the process of substituting a 16 digit customer card number with a non-sensitive equivalent value, referred to as a token.
- This essentially means that a customer's card information will no longer be available on any Merchant, Payment Gateway, or 3rd party that helps in the processing of digital transactions today.
- With card tokenisation, consumers no longer need to fear saving their card details.
- Cardholders will have to give an explicit consent that will be collected for tokenisation.
Ravi Battula, Vice President – Merchant Acquiring Business, Wibmo – A PayU Company said that any major payment system like India should enable safe, quick and affordable digital payments. He added while the payments are getting quicker, faster and affordable safety at scale still remains an opportunity to be beefed up to drive the adoption of digital payments further.
“From a security standpoint if not implemented well. Tokenization ensures standardization for such card on file transactions through higher security standards which is irreversible as compared to existing reversible cryptographic standards," said Ravi Battula.
Post June, there would be some disruptions in the ecosystem as any new change will cause some friction in such massive payment system built over time. "In the long run, tokenization will ensure greater security for any recurring subscription payments initiated by customer or merchant with greater customer controls to see list of merchants where the card is stored and ability to delete, suspend the subscription if needed,"Battula further added.
Why tokenized card transaction is considered to be safer
A tokenized card transaction is considered safer as the actual card details are not shared with the merchant during transaction processing. For transaction tracking and reconciliation purposes, entities can store the last four digits of the card number and the card issuer’s name. The customer’s consent and OTP-based authentication are required for creating a token.
Card tokenisation deadline
The first RBI deadline to tokenize the card details was June 30, 2021. But at the request of merchants and payment aggregators, as well as card companies and banks, it was extended to December 31, 2021. And the deadline was again extended by six months. The deadline for credit, debit card tokenisation is June 30, 2022.
