From January 1, 2022, from the E-Commerce Operators like Amazon, Flipkart, Myntra, Nayka, etc., etc. to Online Food Delivery aggregators like Swiggy and Zomato will not be able to save Card information on their platforms as per new guidelines issued by the Reserve Bank of India (RBI).
With effect from January 1, 2022, the customers of E-Commerce Operators and Food Delivery aggregators would not be able to save their debit or credit cards on any platform, consequently, they may have to re-enter the details on every online transaction.
The Reserve Bank of India brought in card on file (CoF) tokenization guidelines that mandate replacing actual card data with encrypted digital tokens to facilitate and authenticate transactions. The use of one’s credit or debit cards while shopping on any online platform such as Flipkart, Amazon, Myntra, Nayka, etc., will change. One will not have to save one’s 16-digit card number along with the card’s expiry date on the website. As per RBI’s new rules, the only way one can avoid the hassle is by making a card payment repeatedly is through the process called ‘tokenization.’
In March 2020, the RBI said that payment aggregators and their onboarded merchants must not save the card details of users. Therefore, the RBI has allowed card issuers to offer card tokenization services as Token Service Providers (TSPs). This will be facilitated through consumer consent and will require an ‘Additional Factor of Authentication (AFA)’. With tokenization, the entities involved in the transaction do not have to memorise what the card entails on either end since it is converted into a unique ‘token’ that facilitates the payment.
The word token means replacing a real card number with an optional code that will be converted into a token. Token card data can be used in place of the actual card number for future online purchases as directed by card users. A token card is safer than real card details to make payments and share with online merchants. You don’t need to provide details like card number, expiry date, CVV, such as debit/credit card transactions when using tokens.
As per RBI guidelines, only card networks like Visa, Mastercard, American Express, RuPay, and others can use the tokenization technology.
With online banking, online fraud has also increased drastically. Therefore, to make online payments more secure, the Reserve Bank of India (RBI) has asked all merchants and payment gateways to remove sensitive details of customers’ debit cards and credit cards that they have saved.
The new guidelines are not applicable to international transactions. Only domestic cards and transactions fall under the gamut of the new RBI guidelines.
There is no extra charge for the tokenization of cards.
Support our journalism by subscribing to Taxscan AdFree. Follow us on Telegram for quick updates.