Home / News / India /  Card tokenization deadline extended till 30 September
Listen to this article

MUMBAI : The Reserve Bank of India (RBI) has deferred for a second time the implementation of tokenization of cards for online transactions by three months till September, after industry stakeholders highlighted problems about the guidelines.

“The industry stakeholders have highlighted some issues related to implementation of the framework in respect of guest checkout transactions. Also, the number of transactions processed using tokens is yet to gain traction across all categories of merchants. These issues are being dealt with in consultation with the stakeholders and to avoid disruption and inconvenience to cardholders, the Reserve Bank has today announced extension of the said timeline of 30 June by three months to 30 September," RBI said. The industry should utilize this time to prepare all stakeholders to be ready for handling tokenized transactions, implement an alternate mechanism to handle all post-transaction activities related to guest checkout transactions, and also create awareness about the process of creating tokens and using them to undertake transactions, RBI said.

It also encouraged card holders to tokenize their cards for their own safety. Till date, about 195 million tokens have been created. Opting for creation of tokens is voluntary for cardholders. Those who do not wish to create a token can continue to transact as before by entering card details manually at the time of undertaking transactions. RBI issued fresh guidelines in September 2021, giving companies until the end of the year to comply with the regulations and offering them the option to tokenize. It has ordered all companies in India to purge saved credit and debit card data from their systems from 1 January, 2022. However, this deadline was extended by six months as the industry was not ready for the transition.

Tokenization is a process by which card details are replaced by a unique code or token, which can then be stored by the merchants for processing transactions in future. These tokens are usually generated by an algorithm, allowing online purchases to go through without exposing card details, to improve data security.

To create a token, the cardholder has to undergo a one-time registration process for each card at every online or e-commerce merchant’s website or mobile application, by entering card details and giving consent for creating a token. This consent is validated by way of an additional factor of authentication.

Catch all the Business News, Market News, Breaking News Events and Latest News Updates on Live Mint. Download The Mint News App to get Daily Market Updates.
More Less
Subscribe to Mint Newsletters
* Enter a valid email
* Thank you for subscribing to our newsletter.

Recommended For You

Edit Profile
Get alerts on WhatsApp
Set Preferences My ReadsWatchlistFeedbackRedeem a Gift CardLogout