Reserve Bank of India (RBI) on Thursday extended the deadline for cards tokenisation till June 30, 2022. The new rules were earlier scheduled to go into effect from July 2021, but they will now come into force in January 2022.
“The timeline for storing of card on file (CoF) data is extended by six months, i.e., till June 30, 2022,” the central bank said in a notification to all payment system operators, adding that after the expiry of the extended deadline, all such data will be purged.
Here are 10 quick takeaways:
- Starting July 1, 2022, customers will not be able to save their debit or credit card details on any e-commerce platform.
- Customers will have to re-enter card details every time they conduct an online transaction.
- To avoid the repeated hassle, customers can provide their consent to e-commerce companies to “tokenise” their cards. After receiving a customer’s consent, e-commerce platforms will ask the card network to encrypt details with additional factor authentication as needed.
- Once the e-commerce platform receives the encrypted details, customers can save that card for future transactions.
- For now, only Mastercard and Visa-provided cards can be tokenised by most leading e-commerce platforms. It is expected that cards from other financial services should be able to be tokenised soon.
- The new RBI guidelines must be adhered to for both credit and debit cards.
- The new guidelines are not applicable to international transactions. Only domestic cards and transactions fall under the gamut of the new RBI guidelines.
- Customers won’t need to pay any extra charge for tokenisation of cards.
- E-commerce platforms will show the last four digits of tokenised cards for customers to easily identify them, along with the issuing bank and card network name.
- Lastly, tokenisation of card is not mandatory. Customers can choose to tokenise their cards to carry out quick transactions or enter card details otherwise.