(H.T)
The Reserve Bank of India had announced about the changes in online payment rules in 2020. It September this year, it gave online merchants time till the year end to start implementing tokenisation. Accordingly, the banks have been informing their customers.
To provide better security to people and make online payments safer, the Reserve Bank of India (RBI) has asked all merchants and payment gateways to remove sensitive customer details and debit and credit cards that is saved on their end.
The new rules will come into effect from January 1.
After the order from the RBI, the merchants and payment gateways will have to delete all the information stored on their servers. This means that a user will have to enter the full card details to make payments on merchant websites.
Banks have started informing their customers about the changes that are coming into effect. One of the leading private banks HDFC has been sending text messages to its customers that they will either have to enter full card details or opt for tokenisation.
According to the current system, the execution of transaction is based on the correct values of 16-digit card number, the card expiry date, the CVV and the one-time password or OTP (in some cases transaction PIN too). Tokenisation refers to replacement of actual card number with an alternative code, called the “tokens”.
It is unique for a combination of card, token requestor (i.e. the entity which accepts request from the customer for tokenisation of a card and passes it on to the card network to issue a corresponding token) and device (referred hereafter as “identified device”).
According to RBI, a tokenised card transaction is considered safer as the actual card details are not shared with the merchant during transaction processing.
