RBI Extends Card-On-File Tokenisation Scope To Include Card Issuing Banks

Share via:

The Reserve Bank of India (RBI) has expanded the scope of card tokenisation for both debit and credit cards. Formerly limited to merchant applications or websites, individuals can now tokenise their cards via internet and mobile banking services.

In an effort to make digital payments more secure, safe and sound, RBI has now enabled card-on-file tokenisation (CoFT) through card issuing banks and institutions.

“It has been decided to enable card-on-file tokenisation directly through card-issuing banks/institutions also. This will provide cardholders with an additional choice to tokenise their cards for multiple merchant sites through a single process,” the RBI said in a circular.

The circular further said CoFT generation should be done only on explicit customer consent, and with Additional Factor of Authentication (AFA) validation.

“If the cardholder selects multiple merchants for which to tokenise his/her card, AFA validation may be combined for all these merchants,” the RBI said.

In addition, the card issuer will need to provide a complete list of merchants for whom it can provide tokenisation services.

Currently, the creation of a Card-on-File (CoF) token is exclusively possible through the merchant’s application or webpage. The storage of card details by merchants is referred to as CoF.

Earlier, it was a prevalent practice for merchants to retain card information, and in certain cases, users were often compelled to store their card details on the merchant’s app or webpage before completing a transaction. However, this practice of freely storing such sensitive information posed a significant threat to the security of users’ financial data.

To mitigate the risk of data breaches and leaks, RBI implemented the rule of tokenisation in September 2021. Under this regulation, rather than storing actual card details, a unique token, specially generated for each transaction, is securely saved with the merchant.

Eventually, the RBI rolled out CoFT from Oct 1, 2022. India has issued around 560 Mn card tokens since October last year, following the RBI’s directive to tokenise cards for ecommerce transactions, global payments operator Visa said in its new report.

The post RBI Extends Card-On-File Tokenisation Scope To Include Card Issuing Banks appeared first on Inc42 Media.

Disclaimer

We strive to uphold the highest ethical standards in all of our reporting and coverage. We StartupNews.fyi want to be transparent with our readers about any potential conflicts of interest that may arise in our work. It’s possible that some of the investors we feature may have connections to other businesses, including competitors or companies we write about. However, we want to assure our readers that this will not have any impact on the integrity or impartiality of our reporting. We are committed to delivering accurate, unbiased news and information to our audience, and we will continue to uphold our ethics and principles in all of our work. Thank you for your trust and support.

Popular

More Like this

RBI Extends Card-On-File Tokenisation Scope To Include Card Issuing Banks

The Reserve Bank of India (RBI) has expanded the scope of card tokenisation for both debit and credit cards. Formerly limited to merchant applications or websites, individuals can now tokenise their cards via internet and mobile banking services.

In an effort to make digital payments more secure, safe and sound, RBI has now enabled card-on-file tokenisation (CoFT) through card issuing banks and institutions.

“It has been decided to enable card-on-file tokenisation directly through card-issuing banks/institutions also. This will provide cardholders with an additional choice to tokenise their cards for multiple merchant sites through a single process,” the RBI said in a circular.

The circular further said CoFT generation should be done only on explicit customer consent, and with Additional Factor of Authentication (AFA) validation.

“If the cardholder selects multiple merchants for which to tokenise his/her card, AFA validation may be combined for all these merchants,” the RBI said.

In addition, the card issuer will need to provide a complete list of merchants for whom it can provide tokenisation services.

Currently, the creation of a Card-on-File (CoF) token is exclusively possible through the merchant’s application or webpage. The storage of card details by merchants is referred to as CoF.

Earlier, it was a prevalent practice for merchants to retain card information, and in certain cases, users were often compelled to store their card details on the merchant’s app or webpage before completing a transaction. However, this practice of freely storing such sensitive information posed a significant threat to the security of users’ financial data.

To mitigate the risk of data breaches and leaks, RBI implemented the rule of tokenisation in September 2021. Under this regulation, rather than storing actual card details, a unique token, specially generated for each transaction, is securely saved with the merchant.

Eventually, the RBI rolled out CoFT from Oct 1, 2022. India has issued around 560 Mn card tokens since October last year, following the RBI’s directive to tokenise cards for ecommerce transactions, global payments operator Visa said in its new report.

The post RBI Extends Card-On-File Tokenisation Scope To Include Card Issuing Banks appeared first on Inc42 Media.

Disclaimer

We strive to uphold the highest ethical standards in all of our reporting and coverage. We StartupNews.fyi want to be transparent with our readers about any potential conflicts of interest that may arise in our work. It’s possible that some of the investors we feature may have connections to other businesses, including competitors or companies we write about. However, we want to assure our readers that this will not have any impact on the integrity or impartiality of our reporting. We are committed to delivering accurate, unbiased news and information to our audience, and we will continue to uphold our ethics and principles in all of our work. Thank you for your trust and support.

Website Upgradation is going on for any glitch kindly connect at office@startupnews.fyi

More like this

Australian government drops misinformation bill

The Australian government has withdrawn a bill that...

Latin America fintech will be a market to watch...

Midway through 2024, Mike Packer, a partner at...

Reserve Bank of India expanding cross-border payments platform

According to the Atlantic Council, 134 countries are...

Popular

Upcoming Events

Startup Information that matters. Get in your inbox Daily!