Home>>Business>>Card tokenisation deadline extended by 3 months to September 30, 2022
Business

Card tokenisation deadline extended by 3 months to September 30, 2022

Debit and credit card tokenisation, which were set to come into effect from July 1, will now take effect three months later. The Reserve Bank of India  announced an extension in the deadline for card tokenisation by three months to September 30, 2022.
The earlier deadline was June 30.
“The industry stakeholders have highlighted some issues related to implementation of the framework in respect of guest checkout transactions. Also, number of transactions processed using tokens is yet to gain traction across all categories of merchants. These issues are being dealt with in consultation with the stakeholders,” the RBI said in a release.
The central bank said that this extended time period may be utilised by the industry for facilitating all stakeholders to be ready for handling tokenised transactions; processing transactions based on tokens; implementing an alternate mechanism(s) to handle all post-transaction activities (including chargeback handling and settlement) related to guest checkout transactions and creating public awareness the same.
Till date, about 19.5 crore tokens have been created, the RBI shared, adding that opting for CoFT (i.e., creating tokens) is voluntary for the cardholders. Those who do not wish to create a token can continue to transact as before by entering card details manually at the time of undertaking the transaction (commonly referred to as “guest checkout transaction”).
Earlier, the last date to comply with tokenisation rules was December 31, 2021, after which entities other than card networks and card issuers cannot store card data. However, the central bank subsequently pushed forward the timeline to June 30, 2022.
A framework for CoF Tokenisation (CoFT) services was also issued. Under this framework, cardholders can create tokens in lieu of card details which can then be stored by the merchants for processing transactions in future. Thus, CoFT obviates the need to store card details with merchants and provides the same level of convenience to cardholders.
How does tokenisation work?
To create a token, the cardholder has to undergo a one-time registration process for each card at every online/e-commerce merchant’s website/mobile application, by entering the card details and giving consent for creating a token.
This consent is validated by way of authentication through an AFA.
Thereafter, a token is created which is specific to the card and online/e-commerce merchant. This means that the token cannot be used for payment at any other merchant.
For future transactions performed at the same merchant website/mobile application, the cardholder can identify the card with the last four digits during the checkout process.
Thus, the cardholder is not required to remember or enter the token for future transactions.
It must be noted that a card can be tokenised at any number of online / e-commerce merchants. For every online / e-commerce merchant where the card is tokenised, a specific token will be created.

Leave a Reply

Your email address will not be published. Required fields are marked *