RBI To Make Major Changes To Debit And Credit Card Rules, The ‘token’ System Has Been In Operation Since January


Credit and debit card use will be altered as of January 1, 2022. All merchants and payment gateways were urged by the Reserve Bank of India (RBI) to erase all sensitive client data they have on hand to improve the security of online payments.

Until January 1, all retailers must utilize encrypted tokens for transactions. As the due date approaches, several banks have begun reminding their clients about the new online debit and credit card payments restrictions. Customers of HDFC Bank, for example, have been notified of the further limitation.

“As of the 1st of January, 22! For increased card security, businesses are required to erase your HDFC Bank card information from their websites and apps. Full card data must be entered each time, or tokenization may be selected,” HDFC Bank said to clients in an email statement.

So, What’s The New Deal?

After announcing it in March 2020, the central bank has implemented a regulation on January 1. Users’ credit card information cannot be stored on merchant websites under a new rule issued by the Reserve Bank of India.

It wasn’t until September that the RBI issued recommendations since most banks weren’t ready at the time. Card data will no longer be stored by any other parties involved in the card transaction/payment chain after January 1, 2022. The Reserve Bank of India (RBI) has ordered that any such data be destroyed.

Extending the compliance deadline until the end of the year allowed merchants and payment gateways more time to prepare. Customers and businesses were also given the option of using tokens for transactions.

What Are The Advantages Of Tokenization?

The 16-digit card number, expiration date, CVV, and one-time password (OTP) are all required for online debit/credit card transactions. Retailers or corporations need to know particular specifics for online card transactions to go well.

Customers will no longer pay using their actual credit card numbers; instead, a tokenized code will be used instead of them. This is a requirement set out by the RBI. For each card combination, a unique token will be generated.

Cardholders may use the token requestor’s app to request tokenization of their card with a merchant or service provider. According to the RBI, online card transactions will become safer since merchants will not have access to the actual debit and credit card information.

What Happens Now?

From January 1, 2022, a cardholder will be required to grant permission to a specific merchant or firm through extra factor authentication for each online card transaction tokenization. A tokenization request will be sent to the card network after this.

When this happens, the card network will construct a token instead of the 16-digit card number and return it to the retailer. This token may be used for future online card transactions by the business.

To approve transactions, a person will still need to provide their CVV and OTP once they’ve been tokenized. For each merchant, the tokenization step must be completed independently. For example, users will use a different token for Zomato and Netflix purchases.

A merchant’s encrypted storage of a customer’s credit card information is called tokenization. After the first phase, the RBI stated it would lower the risk of fraud and make transactions easier for consumers.

Read more:

To Sum It Up

According to the central bank, there is no need to memorize the 16-digit card numbers since they will not be needed for each transaction under the tokenization norm.

“Contrary to certain worries voiced in some sectors of the media, there would be no obligation to enter card data for every transaction under the tokenization scheme,” the Reserve Bank of India said in an earlier statement.

Related Topics