RBI Tokenisation: The Reserve Bank of India (RBI) is going to change the card-on-file tokenization rule from October 1. The Reserve Bank says that due to the implementation of the card tokenization rule, debit and credit card payments will be more secure. There will also be ease in payment and transaction. According to the Reserve Bank, whenever a customer transacts with a debit or credit card online, at a point of sale or on an app, all the details related to the account will be saved in the encrypted code, according to the Reserve Bank.
So far it happens that when we do a transaction with a debit or credit card at any POS, online or in the app, then its details are saved in the company’s server. Only when you go to make payment online or on the app again, the company does not ask you for full details. There your account number, card number etc. are already present there. All you have to do is enter the CVV again and the payment is done. This will not happen from October 1 because there will be no data store in the company’s servers. They will get every information related to the card in an encrypted code which cannot be read.
The transaction will be secure as the card details are in the encrypted code. The incident of hacking and cyber fraud will get rid of. If the card details are already present in the servers of the companies, then it will have to be deleted. Tokenization system is being implemented in view of cyber crime. The rule of tokenization related to debit and credit cards was earlier to come into force on July 1, but has been extended to October 1. In this, the customer will not have to do anything, but POS, online and app companies have to implement the system.
A report by news agency PTI says that most merchants have started following the Reserve Bank’s card-on-file tokenization and 195 crore tokens have been issued so far. This token is different from the physical token which is given to wait till the number comes in the bank etc. The card-on-file token will be completed in seconds and will be generated in seconds as soon as the debit or credit card is punched. Then on the basis of the same token the company will deduct money from your account. But the company will not be able to see the card details as it will be fully encrypted.
Let’s understand in simple language how the token will work. Suppose you shop from Amazon, then this company will not be able to store your card details in its machine. When you shop, a special token will be generated for Amazon and the device from which the payment has been made. This token will also be generated for specific services such as contactless, QR code or in-app payment. In this, the card number, CVV and card expiry details will be in the code, which the company will not be able to read. Once the code is generated, the next time you go shopping on the same online site, the payment will be done with the same encrypted code. You just have to punch the card.