SUMMARY
Called MDES Token Connect platform, the new offering will enable CoF and device-based tokenisation at the level of issuer banks via internet and mobile banking services
Mastercard said that the new platform will offer single integration for issuer banks to store cards across token requestors and eliminate the need for multiple proprietary APIs
This comes barely two months after RBI expanded the scope of card tokenisation for both debit and credit cards to include channels such as internet and mobile banking
Payments network Mastercard has launched a new platform in India to enable users to tokenise their cards via internet and mobile banking channels.
Called the Mastercard Digital Enablement Service (MDES) Token Connect platform, the new offering will enable card-on-file (CoF) and device-based tokenisation at the level of issuer banks. This tokenisation service will be available for debit and credit cards through channels such as mobile and internet banking.
Mastercard said that issuer banks will now be able to integrate their mobile and internet banking platforms with MDES Token to process online payments.
Commenting on the development, division president of Mastercard South Asia, Gautam Aggarwal, said, “The MDES Token Connect platform aims to bolster the safety of digital transactions, allowing cardholders to create and link tokens to their existing debit and credit cards across various ecommerce and digital wallet applications seamlessly through issuer channels.”
In a statement, Mastercard said that the new platform will offer single integration for issuer banks to store cards across token requestors. It also said that the Token Connect framework will eliminate the need for multiple proprietary APIs between issuer banks and token requestors.
On the other hand, the company said that the platform will offer enhanced security and immediate access for digital cardholders.
This comes barely two months after the Reserve Bank of India (RBI) expanded the scope of card tokenisation for both debit and credit cards to include channels such as internet and mobile banking.
Back then, RBI said that CoFT generation ought to be done only on explicit customer consent, and with Additional Factor of Authentication (AFA) validation.
Prior to the RBI’s directive, the creation of a Card-on-File (CoF) token was exclusively possible through the merchant’s app or webpage. CoF simply refers to the storage of card details by merchants on their platforms.
Earlier, online merchants would save user card information on their app or webpage before completing a transaction. Later on, RBI flagged this practice as critics raised security concerns over merchants freely storing sensitive financial information.
To allay these fears and risk of data leaks, RBI implemented the rule of tokenisation back in September 2021. Under this, a unique token, rather than actual card details, was stored with the merchant.
Since October 2023, India has issued around 560 Mn card tokens following the RBI’s directive to tokenise cards for ecommerce transactions, as per a report by Visa.