The deadline has been extended twice previously.
Before October 1, the RBI mandated that all merchants destroy all customer debit and credit card information and switch to using one-of-a-kind tokens instead. It requires masking all sensitive details like 16-digit card numbers, names, expiry dates, and codes with a unique card number called token. The token can be an autogenerated encrypted code like how we see the passwords are stored traditionally across major websites.
Except for card issuers and card networks, all parties must abide by this guideline.These regulations allow authorized card payment networks to provide card tokenization services to customers at their request.
What exactly is Tokenization? and how will it protect our sensitive financial information?
Tokenization is the method of substituting card information with a special code or token, enabling people to make online purchases without disclosing their private card information. A token is a uniquely created placeholder that is obtained from the company’s internal network at random. Credit and debit card information for customers is accessed, recovered, and maintained using it. When recurring payments are made or when retailers keep card information to expedite checkouts, it is utilized. It guarantees increased card transaction security and safety.
Often during hacking attempts, debit and credit card information are exposed on merchant website. Card tokenization will help address this issue to a certain extent. It allows customers to save digital copy of their cards on their smartphones. Therefore, they need not carry a physical card for payments. It will improve customers’ payment experience and helps in higher transaction approval rates for merchants due to additional layer of security.
After December 31, 2022, it will be impossible to store card details,
Who carries out the tokenization and how?
Only authorized card networks are permitted to do tokenization, and the RBI website contains a list of those networks. Cardholder(You) can request get the card tokenized by initiating a request on the app provided by the token requestor. The token requestor will forward the request to the card network which, with the consent of the card issuer, will issue a token corresponding to the combination of the card, the token requestor, and the device.
Will I be charged for this and is it mandatory?
No, you won’t be charged and it is not mandatory. You can choose to opt for it, and if you do not wish to tokenize your card, you can carry out transactions as usual.