Come October 1, debit card and credit card rules with regard to online payments will change for customers across India. This is in order to protect customers from cyber fraud that can occur when they store the details of their credit or debit card on online shopping or merchant sites. The Reserve Bank of India mandated the adoption of card-on-file (CoF) tokenisation applicable to domestic online purchases. The deadline of the countrywide adoption to card tokenisation was extended by six months from January 1 to July 1 2022, and the further to October 1, to ensure a smooth shift from the current situation.
What is Debit Card, Credit Card Tokenisation?
By this time, you would have received notifications from online merchants and banks to ‘tokenise’ your cards to smoothly carry out payments. Each credit card, on each website, merchant or payment gateway, will be assigned a unique code. This is called a token. It will be generated one time, for each website or platform or app where you use your card.
According to the RBI website, “Tokenisation refers to the replacement of actual card details with an alternate code called the “token”, which shall be unique for a combination of card, token requestor (i.e. the entity which accepts request from the customer for tokenisation of a card and passes it on to the card network to issue a corresponding token) and device (referred hereafter as “identified device”).”
This means it is an additional security layer for your credit and debit cards being used to make payments on online platforms. It means online platforms, including the likes of Amazon, Flipkart, Paytm and Myntra, will no longer be able to save your card details, as they did till now.
How to Tokenise Your Debit Card, Credit Card?
Credit card and debit card tokenisation can be done by following these simple steps:
Step 1: Go to your favourite or most frequently used online website or mobile application to purchase items including food, grocery or clothes and then initiate a transaction.
Step 2: When it leads to the checkout page, select credit card or debit card payment option. Now provide the CVV details.
Step 3: Click on the option that says “Secure your card” or “Save card as per RBI guidelines”
Step 4: Click on save and enter the OTP received on your mobile number.
Step 5: Your credit or debit card is now successfully tokenised and is secured. Merchants will not be able to access your information anymore.
What Happens if You Do Not Tokenise Your Card?
Debit card and credit card tokenisation process is not mandatory and a customer can choose whether or not to let his / her card tokenised. In that case, the customer will have to re-enter all card details while purchasing anything online.
Credit Card, Debit Card Tokenisation: Other Details
The tokenisation system is totally free of charge and is not mandatory as well. However, it does provide smoother payment experience while also securing your data. Tokenisation is only applicable to domestic online transactions.
The registration for a tokenisation request is done only with explicit customer consent through Additional Factor of Authentication (AFA), and not by way of a forced / default / automatic selection of check box, radio button, etc, as per the RBI. The customer will also be given choice of selecting the use case and setting-up of limits.