The rules for online payments for debit and credit cards will change from October 1, 2022, as the Reserve Bank of India's (RBI) card-on-file (CoF) tokenisation norms come into effect.
The new rules are expected to improve the payment experience and prevent cardholders from online fraud. The deadline for the RBI's new tokenisation guidelines was set to come into effect from July 1, but it was extended to September 30.
What are the new credit and debit card rules?
In 2021, the central bank restricted merchant sites from saving the card details (card numbers, expiration dates) of customers and mandated the adoption of tokenisation as the availability of card details with multiple entities increases the risk of card data being stolen or misused.
What is tokenisation?
Tokenisation is the process of turning sensitive data into 'non-sensitive’ data called tokens. These tokens convert a debit or credit card holder’s 16-digit account number into a digital credential that can’t be stolen or reused. The data of your card is now replaced with this token. When the card details are saved in an encrypted manner, the risk of fraud or compromised data gets reduced.
So far, 19.5 crore tokens have been issued. And most large merchants have already complied with the RBI's card-on-file (CoF) tokenisation norms.
How will it Impact customers?
A shopper will have to put in their entire card details when they shop for something. Once customers start purchasing an item, the merchant will initiate tokenisation and ask for consent to tokenise the card. Once consent is given, the merchant will send the request to the card network.
The card network will create a token, which will act as a proxy to the 16-digit card number and send it back to the merchant. The merchant will save this token for future transactions. Now, they will be required to enter CVV and OTP like before to give approval.
READ | Flipkart Big Billion Days sale 2022: Get Apple iPhone 13 under Rs 35,000, here's how