News

RBI Extends Card Tokenisation Deadline By 3 Months Till September 30

Is Three-Month Extension Sufficient For The Payment Ecosystem To Prepare For Card Tokenisation?
SUMMARY

The RBI said it has decided to extend the deadline for another three months due to lack of significant traction in processing of token-based transactions

Industry players had sought an extension, which were deferred twice earlier

Tokenisation refers to masking card details with an alternate code so that customers’ card details are not shared during transactions

Inc42 Daily Brief

Stay Ahead With Daily News & Analysis on India’s Tech & Startup Economy

Amid requests from industry, the Reserve Bank of India (RBI) on Friday (June 24) extended the deadline for card tokenisation and storage of card data by another three months till September 30, 2022. 

“…it has been decided to extend the timeline for storing of CoF (card-on-file) data by three months, i.e., till September 30, 2022, after which such data shall be purged,” the RBI said in a notification.

The directive was issued under various sections of the Payment and Settlement Systems Act, 2007. The decision was taken due to a lack of significant traction in processing of token-based transactions. 

“…an alternate system in respect of transactions where cardholders decide to enter the card details manually at the time of undertaking the transaction (commonly referred to as “guest checkout transactions”) has not been implemented by the industry stakeholders, so far,” the central bank said.

This is the third time that the RBI has deferred the implementation of guidelines for card transactions. It was first postponed from June 30, 2021 to December 30, 2021 and then later to July 1, 2022. 

What Is Card Tokenisation?

Tokenisation refers to masking card details with a unique alternate code to ensure that the actual card information is not shared with the merchants. The tokens will be issued by card networks such as Visa, MasterCard, RuPay.

Under the guidelines, payment aggregators, merchants and payment gateways will have to purge the customers’ card data stored with them.

According to the central bank, tokenised card transactions are safer as the actual card details are not shared with the merchants while processing transactions.

In its statement on Friday, the RBI noted that ‘considerable’ progress had been made in terms of token creation. 

Many payment aggregators and other firms have announced that they have switched to token-based transactions. In December last year, Google partnered with Microsoft to adopt tokenisation. It had then assured its customers that the company would not collect user data.

Other major players such as PhonePe, Razorpay, PayU and Infibeam have also made a switch to the tokenisation system. 

Meanwhile, merchants continue to oppose the move citing adverse impact on their businesses. Many subscription-based fintech players have said that the move will affect their incoming revenue from clients that have not moved to tokenisation. 

In its ‘Payments Visions 2025’, the RBI said it aims to increase the number of digital transactions in the country by more than 3X by 2025.

Note: We at Inc42 take our ethics very seriously. More information about it can be found here.

Inc42 Daily Brief

Stay Ahead With Daily News & Analysis on India’s Tech & Startup Economy

Recommended Stories for You