RBI Proposes Card-on-File Tokenisation at Issuer-Bank Level
RBI Proposes Card-on-File Tokenisation at Issuer-Bank Level
The Reserve Bank of India (RBI) governor Shaktikanta Das recently proposed the introduction of card-on-file tokenisation (CoFT) facility at the issuer-bank level. This means that credit/debit card users will be able to generate card tokens on their bank’s website or app instead of e-commerce websites/apps while shopping online.
This move is aimed at improving data security and giving customers greater control over managing their card tokens.
What is tokenisation?
Tokenisation is the process of replacing a card's 16-digit number with a unique token that is specific to the user's card and specific for one merchant at a time. The token hides the true details of your card, so that in case a data leak happens from the merchant website, the hackers cannot misuse the card.
Benefits of issuer-bank level tokenisation
- Increased security: Issuer-bank level tokenisation will eliminate the need for merchants to store sensitive card data, which will reduce the risk of data breaches.
- Convenience: Customers will be able to create and manage their tokens in one place, on their bank's website or app. This will save them time and effort.
- Control: Customers will have greater control over their tokens, including the ability to disable or delete them at any time.
How it will work
Once the RBI proposal is implemented, customers will be able to generate card tokens on their bank's website or app. They will then be able to use these tokens to make online payments at any merchant that supports tokenisation.
When a customer makes a payment with a token, the merchant will send the token to the customer's bank for authorisation. The bank will then verify the token and process the payment.