RBI increased tokenization A three-month deadline starting July. This extended time period can be used to create public awareness about the token generation process and facilitate stakeholders to be prepared to handle such transactions.
According to RBI, “Tokenization refers to the replacement of the actual card details with an alternate code called “token”, which will be unique to the combination of the card, the token requester (i.e. the entity that accepts the request for a token from the customer). ) a card and sends it over the card network to issue the corresponding token) and the device (hereinafter referred to as the “identified device”).
Presently, card data such as card number, expiry date etc. can be stored by the entity involved in online card transactions to facilitate it. But it should be noted that saving such important information increases the risk of card data being stolen or misused.
Earlier RBI said, “Given the fact that many jurisdictions do not mandate Additional Factor of Authentication (AFA) to authenticate card transactions, data stolen at the hands of fraudsters may result in unauthorized transactions and cardholders There may be a consequent monetary loss. India Also, social engineering techniques can be used to commit fraud using such data.”
Following are some frequently asked questions about card tokens:
What is tokenization?
According to the Reserve Bank of India, tokenization refers to the replacement of the actual card details with an alternate code called “token”.
What is the benefit of tokenization?
A tokenized card transaction is considered secure as the actual card details are not shared with the merchant during the processing of the transaction.
How can tokenization be done?
– The Cardholder can get the Token to the Card by initiating a request on the App provided by the Token Requester. The token requester will forward the request to the card network, which, with the consent of the card issuer, will issue a token corresponding to the combination of the card, token requester and device.
Who can do tokenization?
Tokenization can only be done through authorized card networks and the list of authorized entities is available on the RBI website.
What are the charges that the customer has to pay for availing this service?
There is no charge to the customer for availing this service.
What are the use cases (examples/scenarios) for which tokens are allowed?
Tokenization through mobile phones and/or tablets is permitted for all use cases/channels (eg, contactless card transactions, payments through QR codes, apps, etc.).
Is the card token mandatory for the customer?
No, the customer can choose whether to tokenize his card or not. Those who do not wish to generate tokens can continue to transact as before by entering the card details manually while transacting. (ANI)
ANI. with inputs of