extended by RBI.
June 30, 2022, was the last date for card tokenization But the Reserve Bank of India (RBI) has extended the timeline for tokenization of debit and credit cards by three months.
So, Tokenisation can now be done till September 30, 2022.
Under the RBI framework, Cardholders have to create “tokens” using card details as directed by RBI. merchants will be stored these tokens to process transactions in the future.
Avoid disruption and inconvenience to cardholders. These decisions were taken in consultation with stakeholders.
According to RBI, an extended-time period can be utilized by the industry:
To facilitate stakeholders to be ready for handling tokenized transactions.
To procedural transactions on the basis of tokens.
Handling all post-transaction activities to implement an alternate mechanism.[rc1]
To create public awareness of the process of creating tokens and using them for undertaking transactions.
In the present situation, many entities are involved in the online card transaction data such as expiry date, and card number, stating the convenience of cardholders to undertake transactions in the future. But this type of practice was risker because data can be taken or misused.
As per RBI, many authorities do not make Additional Factor of Authentication (AFA) mandatory, for authenticating card transactions. Thus, stolen/taken data in the hands of fraudsters’, could lead to unauthorized transactions and monetary loss to cardholders. However, RBI in December 2021, mandated entities other than card issuers and card networks to not store debit or credit card data with them. Hence, RBI issued a framework for CoF Tokenisation (CoFT) services
People who do not wish to generate a token can continue to transact as earlier, by entering card details manually, at the time of transaction. This transaction is termed a “Guest checkout transaction”.