According to media reports, many such incidents have occurred in the recent past where users' credit/debit card data stored by merchants has been compromised/leaked and sometimes even sold on the dark web or similar platforms. This stolen information could be used to carry out fraud.
Tokenisation aims to put a stop to such frauds as the merchant entities will only have a unique and randomly generated token code instead of the cardholders' actual information.
"As no card data is being saved anywhere except by the card network and issuer, chances of card data being lost or stolen is reduced. You also have the option to view the list of merchants with whom you have registered a token and de-register any such token in the future via your issuer's app or internet banking. So, if you do not intend to shop on a site later or do not wish a recurring payment associated with your account to be renewed, you can delete the associated token. In case your card is renewed or replaced, you will have to explicitly consent to link it with the merchants with whom you had registered the card earlier. All this adds up to additional security," the BankBazaar.com General Counsel further said.
1 ઓકટોબરથી બદલનારા 8 નિયમો
❓કયા થશે ફેરફાર
Why the deadline has been delayed?
According to RBI, transactions using tokens have not gained speed with merchants of all categories. RBI's statement reads: "These issues are being dealt with in consultation with the stakeholders, and to avoid disruption and inconvenience to cardholders, the RBI has announced extension of the said timeline of 30 June 2022 by three more months, i.e., to 30 September 2022."
Moreover, the industry has also raised several technical issues regarding guest checkout of transactions, which consumers can opt on a website without registering on it.
The industry is focusing to ensure that all stakeholders are ready to conduct tokenized transactions and implement alternate mechanisms to manage all post-transaction activities related to guest checkout transactions. In order to make sure that more tokenized transactions are conducted, the industry is also trying to make the public aware of creating and using tokens for credit/debit card transactions.
IMPORTANT LINK
CLICK HERE TO DOWNLOAD THE NEWS REPORT
Charges for tokenization
The tokenisation process is completely free of charge. However, it would be applicable only for domestic card transactions.
Is tokenization mandatory for everyone?
According to RBI, credit/debit card users don't need to use the token system mandatorily. However, if the card user opts to not use the tokenization system, they will be required to manually enter credit/debit card details every time while conducting a transaction on an e-commerce or merchant website.
In addition to this, as stated by RBI, one will have to create separate tokens for each card they own.
How to create a token for debit, credit cards
Once the new norms are implemented, the cardholder has to go through a one-time registration process for every card, at every online merchant's website they intend to use the card by entering its details and providing consent to create a token during checkout. A token will be generated for a particular card at a single website.
Steps to generate the tokens:Go to any e-commerce merchant website or application and start a transaction.
During the check-out, enter the details of the credit/debit card along with additional details.
Secure the card and tokenise it per RBI's latest guidelines by selecting the 'secure your card as per RBI guidelines' or 'secure your card' option.
Authorize the token's creation by using the bank-provided one-time password (OTP) sent to the registered mobile phone or email to complete the transaction.
After creating the token, the data of one's card will be replaced with the above-mentioned token.
To help one recognise their card while making a transaction, the last four digits of the saved card will be displayed when they revisit the same website or application for any future transaction, representing that the card has been tokenized.
No comments:
Post a Comment