The Merchant Payments Alliance of India (MPAI) and the Alliance of Digital India Foundation (ADIF) on Wednesday urged the Reserve Bank of India (RBI) to extend the card-on-file tokenisation deadline for merchants.
The same is to come into effect from January 1, 2022.
The industry bodies voiced their concerns over industry readiness on the RBI directive on card-on-file tokenisation citing several operational challenges that will hinder the transition to the token-based payments ecosystem, according to agencies.
MPAI and ADIF said that 'ecosystem readiness' is a sequential process of going live with stable API documentation for tokenised transactions.
RBI has asked merchants and payment gateways to remove sensitive customer data on cards saved on their end from next year. Instead, these gateways will use encrypted tokens to carry transactions.
No entity in the card transaction/payment chain, other than the card issuers and/or card networks, will store the actual card data. RBI issued these guidelines in September 2021 giving companies the time till this year to comply with the new 'tokenisation' regulations.
After RBI’s latest decision, platforms won't be able to store card credentials of a shopper in any form.
For instance, when customers shop on an e-commerce site for the first time, they are asked to feed the 16-digit debit card number and then the CVV code. However, when they buy another item from the same platform, they can see that the site has already stored the 16-digit card number and they just have to put in the CVV and then the OTP is generated by the bank to make the purchase.
With the new RBI order, this won't be the case anymore and a shopper will have put in their entire card details when they shop for something.
Once customers start purchasing an item, the merchant will initiate tokenisation and ask for consent to tokenise the card. Once consent is given, the merchant will send the request to card network.
The card network will create token, which will act as proxy to 16-digit card number and send it back to merchant. The merchant will save this token for future transactions. Now, they will be required to enter CVV and OTP like before to give approval.
(Edited by : Anshul)
First Published: Dec 22, 2021 12:17 PM IST
Check out our in-depth Market Coverage, Business News & get real-time Stock Market Updates on CNBC-TV18. Also, Watch our channels CNBC-TV18, CNBC Awaaz and CNBC Bajar Live on-the-go!
Delhi, Indore, Surat and Banswara — why these are the most challenging domains for Congress internally
May 4, 2024 1:53 PM
Congress nominee from Puri Lok Sabha seat withdraws, citing no funds from party
May 4, 2024 12:00 PM
Lok Sabha Polls '24 | Rahul Gandhi in Rae Bareli, why not Amethi
May 4, 2024 9:43 AM