Large merchants comply with card tokenisation as deadline nears: Report

The RBI had directed the merchants to implement its tokenisation norms by June 30, 2022. The central bank has twice extended the deadline of its implementation in the past.

Card Tokenisation
Card-on-file or CoF refers to card information stored by payment gateway and merchants to process future transactions.
Press Trust of India New Delhi
2 min read Last Updated : Jun 24 2022 | 4:21 PM IST

Most of the large merchants have complied with the RBI's card-on-file (CoF) tokenisation norms and 19.5 crore tokens have been issued so far, sources said.

The RBI had directed the merchants to implement its tokenisation norms by June 30, 2022. The central bank has twice extended the deadline of its implementation in the past.

Card-on-file or CoF refers to card information stored by payment gateway and merchants to process future transactions.

According to the sources, the system is fairly well prepared as most large merchants have already adjusted.

Some of them are in the process of doing it, while for some foreign entities business may not be that large for them to focus on making these changes, the sources said.

There are about 19.5 crore tokens have already been issued so far and it is going up regularly, they added.

Under tokenisation services, a unique alternate code is generated to facilitate transactions through cards.

The RBI in last September prohibited merchants from storing customer card details on their servers with effect from January 1, 2022, and mandated the adoption of CoF tokenisation as an alternative to card storage.

The basic purpose of tokenisation is to increase and improve customer safety. With tokenisation, storage of card details is limited.

The RBI in March 2020 stipulated that authorised payment aggregators and the merchants onboarded by them should not store actual card data to minimise vulnerable points in the system. On a request from the industry, it extended the deadline to December 2021 as a one-time measure.

The tokenisation of card data, however, shall be done with explicit customer consent requiring an additional factor of authentication (AFA).

(Only the headline and picture of this report may have been reworked by the Business Standard staff; the rest of the content is auto-generated from a syndicated feed.)

Subscribe to Business Standard digital and get complimentary access to The New York Times

Quarterly Starter

₹900

3 Months

₹300/Month

SAVE 25%

Smart Essential

₹2,700

1 Year

₹225/Month

Save 46%

Super Saver

₹3,900

2 Years

₹162/Month

Subscribe

Renews automatically, cancel anytime

Here’s what’s included in our digital subscription plans

Access to Exclusive Premium Stories Online

  • Over 30 behind the paywall stories daily, handpicked by our editors for subscribers

Complimentary Access to The New York Times

  • News, Games, Cooking, Audio, Wirecutter & The Athletic

Business Standard Epaper

  • Digital replica of our daily newspaper — with options to read, save, and share

Curated Newsletters

  • Insights on markets, finance, politics, tech, and more delivered to your inbox

Market Analysis & Investment Insights

  • In-depth market analysis & insights with access to The Smart Investor

Archives

  • Repository of articles and publications dating back to 1997

Ad-free Reading

  • Uninterrupted reading experience with no advertisements

Seamless Access Across All Devices

  • Access Business Standard across devices — mobile, tablet, or PC, via web or app

More From This Section

Topics :Reserve Bank of IndiaTokenisationPayment GatewayCardsKolkata’s Taj Gateway Hotel

First Published: Jun 24 2022 | 4:21 PM IST

Next Story