As per the latest development, the RBI’s (Reserve Bank of India) card-on-file (CoF) tokenization regulations will take effect from October 1, 2022, changing the rules for debit and credit card online payments. Moreover, these changes are brought in order to facilitate the card holders.
Reportedly, after the new rules come into effect, the customer will be required to enter all of their credit card information while making an online payment . Moreover, the merchant will start tokenization once customers begin making payments, and will request permission before tokenizing a card.
Additionally, the merchant will submit the request to the card network after receiving an approval.
Numerous entities like store card data, merchants in an online payment chain, citing convenience to the cardholders. As speculated, the new rules would facilitate the customers, however, storing the card details with multiple entities may increase the risk of misuse of the data.
Though, most of the big merchants had earlier complied with the CoF (card-on-file) tokenization rules. The deadline for tokenization rules was July 1, however, it was extended for 3 months, bringing it to September 30.
What Is Tokenization?
When a card is tokenized, the actual card information is replaced with an alternative code called the “token,” which must be distinct for each of the following: the card, the token requestor (the organisation that accepts a customer’s request to tokenize a card and forwards it to the card network to issue a corresponding token), and the device (referred hereafter as identified device).
Furthermore, the token, representing the customer’s data, will be saved in the merchant payment system, which initiates the payment.
Moreover, this process is considered a safe one, as compared to the one in practice currently. It’s seen as one of the major steps taken by the RBI to safeguard the data of the customers and prevent any online fraud.