Reserve Bank of India (RBI) on Friday extended the deadline for credit card and debit card tokens by three months till September 30. The rules were earlier to be followed from July 1. The move comes after industry stakeholders highlighted some issues related to implementation. Framework regarding guest checkout transactions, the central bank said in a statement.
Once the debit and credit cards are tokenized, merchants cannot store sensitive information of the card user such as his number or CVV during online payment. About 195 crore tokens have been created so far.
The option of card-on-file tokenization is voluntary for the cardholders. Those who do not wish to generate tokens can continue to transact as before by entering the card details manually while transacting, commonly referred to as a ‘guest checkout transaction’.
The RBI said in the statement that industry stakeholders have highlighted certain issues related to the implementation of the framework with respect to guest checkout transactions. RBI said that the number of transactions processed using the token is still not able to gain traction among all categories of merchants.
“These issues are being dealt with in consultation with the stakeholders, and in order to avoid disruption and inconvenience to the cardholders, the Reserve Bank has today extended the said deadline of June 30, 2022 by three more months, i.e., September 30, 2022. has announced. ,” the central bank said.
It added that this extended time period can be used by the industry to facilitate the preparation of all stakeholders to handle token transactions; processing of transactions on the basis of tokens; and creating public awareness about the process of creating tokens and using them for transacting.
The additional time will also be used by the industry to implement an alternative mechanism to handle all post-transaction activities (including chargeback handling and settlement) related to guest checkout transactions, which currently require storage of COF data by other entities. is required. According to the statement, compared to the card issuer and the card network.
How is card tokenization done?
To generate the token, the cardholder has to go through a one-time registration process for each card on the website/mobile application of each online/e-commerce merchant, by entering the card details and giving consent to the token generation. This consent is validated through authentication through an additional factor of authentication (AFA). Thereafter, a token is created which is unique to the card and online/e-commerce merchant, i.e. the token cannot be used for payment of any other merchant.
For future transactions done on the same merchant website/mobile application, the cardholder can identify the last four digit card during the checkout process. Thus, the cardholder does not need to remember or enter the token for future transactions. A card can be tokenized at any number of online/e-commerce merchants. For each online/e-commerce merchant where the card is tokenized, a unique token will be generated.
read all breaking news , today’s fresh news watch top videos And live TV Here.