There will be good news for all credit and debit card holders soon, as online merchants will no longer be able to store customers’ card data from July 1, 2022.
New rule of debit and credit card
The Reserve Bank of India (RBI) in 2021 had issued debit and credit card tokenisation rules, keeping customer safety in mind. Under the rules, merchants were barred from storing customer card data in their servers. Therefore from July 1, 2022, merchants will have to delete customers’ debit and credit cards’ data from their records.
These card tokenisation rules will now come into effect from July 1, 2022. New TDS rule to affect doctors, social media influencers.
The RBI mandated the use of card-on-file tokens for domestic online purchases. The deadline for the nationwide adoption of card tokens has been pushed back six months, from January 1, 2022 to July 1, 2022.
It will be saved as an encrypted “token” to assist customers in conducting secure transactions. These tokens will enable payment without revealing customer information. The RBI requires that the original card
data be replaced with an encrypted digital token.
Details required for transaction by customers who agreed and not agreed for tokenisation
The card tokenisation system is optional. If a customer does not consent to the tokenisation of his or her card, he or she will have to enter all card details, such as name, card number, and card validity, instead of the card verification value (CVV), every time they make an online payment.
At the same time, if a customer is agreeable towards card tokenisation, then he or she will only have to enter the CVV or one time password (OTP) details while doing the transaction.
Tokenisation is free of charge
The tokenisation system is totally free of charge and it provides smoother payment experience while security one’s card’s data. It is only applicable to domestic online transactions.
How the registration for a tokenisation request is done
According to RBI, registration for a tokenisation request is done only with explicit customer consent through Additional Factor of Authentication (AFA), and not by way of a forced or default or automatic selection of check box, radio button, etc.
