How new debit, credit card rules will affect you? Details here

What will happen after tokenisation kicks in?

The added layer of security for debit, credit card holders by way of tokenisation is expected to enhance users’ digital payment experience.

What is tokenisation?

As per the RBI, tokenisation refers to the replacement of actual card details with an alternate code called the “token”.

Benefit of tokenisation

A tokenised card transaction is considered safer as the actual card details are not shared with the merchant during the processing of the transaction.

According to Gaurav Kapoor, Director & Co-Founder, Fincorpit Consulting, tokenisation is very safer mode of transaction as the actual card details are not shared with the merchant during the processing of the transaction and is replaced by a unique token. At this time, when cyber crime in India is on rise, the cyber infrastructure requires an upgrade. 

“This move of RBI to make tokenisation mandatory for the merchants is a step forward to control the menace of cyberattacks,” said Gaurav Kapoor.

Impact on customers on tokenisation

Currently, many entities, including merchants, involved in an online card transaction chain store card data like card number, expiry date, etc. [Card-on-File (CoF)] citing cardholder convenience and comfort for undertaking transactions in future.

While this practice does render convenience, the availability of card details with multiple entities increases the risk of card data being stolen or misused and there have been instances where such data stored by merchants have been compromised.

When customers shop on an e-commerce site, they won’t be able to store the card credentials of a shopper in any form. When you shop online,  you are asked to feed the 16-digit debit card number and then the CVV code. The next time, you shop on the same site, you just have to put in the CVV and then the OTP is generated by the bank to make the purchase.

When the new rule kicks in, a customer will have to put in their entire card details while shopping online.

Once customers start purchasing an item, the merchant will initiate tokenisation and ask for consent to tokenise the card. Once consent is given, the merchant will send the request to the card network.

According to Amit Gupta, MD, SAG Infotech, end consumers will be more likely to hold onto payment information if tokenisation is implemented without worrying about the misuse of such information. However, almost all the merchants have said yes to this change, so we can say honestly that most of them are ready. Smaller merchants will benefit from network adoption of tokenisation, and the network will be authorized to have visibility data on user adoption of tokenization. 

The primary problem remains recurring payments, which are still failing in some test runs. “We’re likely on the loop of October 2021 e-mandate – recurring payments won’t work which would force customers to input the card details again each month. Additionally, merchants will suffer revenue losses as a result of this inconvenience,” he said.

Debit credit card holders: Steps to tokenise

• Visit an e-commerce website to purchase products.
• Select the preferred card options as the payment method
• Enter all the required details carefully.
• Tap on the option that states ‘secure your card as per RBI guidelines’ on the website to generate a token and store it according to the RBI guidelines.
• You will receive a one-time password (OTP)
• Enter OTP on the bank page and the card details will be sent for the token generation and transaction authorisation.
• The token will be sent to the merchant and he will save it in place of the personal card details.
• The next time you visit the same e-commerce platform or merchant website, the last four digits of the saved card will be displayed. This indicates that the debit card or credit card has been tokenised.

A customer can choose whether or not to let his / her card tokenised. Those who do not wish to create a token can continue to transact as before by entering card details manually at the time of undertaking the transaction. 

Post your comment
First article