New Delhi: In a effort to secure debit and credit card information to protect data on debit and credit cards, the Reserve Bank of India (RBI) has broadened the extent of tokenisation and allowed card issuers to function as token service suppliers (TSP).
This Central Bank is now all ready to bring its tokenisation rules for cards on file into force on October 1st.
What is Tokenisation of Card Transactions?
With tokenisation services the unique code is created to allow transactions with cards. Card-on-file refers the information of a card that is stored by the payment gateway and merchants for processing future transactions.
The Reserve Bank of India had just a couple of months ago expanded the reach of tokenisation card services for paymentto various consumer devices,
including desktops, laptops, wrist watches bands, watches as well as the Internet of Things (IoT) along with tablets and mobile phones.
“The tokenisation framework based on devices, as outlined by circulars issued in the months of January and August, 2019 was extended to Card-on File Tokenisation (CoFT) solutions as well.
Card issuers are now able to provide services for tokenisation of cards in the form of Token Service Providers (TSPs).
Tokenisation of data from cards must be done with the explicit consent from the customer and requires the addition of an Additional Factor for Authentication (AFA),” the RBI has stated in an announcement.
It stated that the move will enhance the security and security of data stored on cards while preserving the ease of transactions with cards.
The RBI stated that it was it was citing the ease of use and comfort of card transactions online, a lot of companies involved in the card payment chain keep exact card information.
Some retailers make their customers store card information.
The availability of these details to many merchants greatly increases the likelihood of data from cards being stolen.
In the past there have been instances where the card information stored by certain merchants was compromised or released.
Leaks of CoF information could have severe consequences as many countries don’t require an AFA to conduct card transactions The RBI stated, noting that stolen card information could be used to carry out fraud within India by using social engineering techniques.
The tokenisation of credit card information however, will be carried out with the explicit consent, which will require AFA the RBI said.
The RBI declared that the CoFT is a way to improve security for customer data will provide customers with the same convenience that they currently enjoy.