RBI permits card-on-file tokenisation for e-commerce to enable fast payments under new regulations

The Reserve Bank of India has announced that, as part of its plan to bar data storage by online merchants, customers will be able to continue fast checkouts via card-on-file tokenisation services.

The RBI says its new one payment regulations will still enable fast checkouts – Alto Nivel

The RBI regulation, which will prevent e-commerce merchants from storing customers’ bank card details on file from January 1, 2022, is designed to increase e-commerce security as well as consumer trust. Card-on-file tokenisation enables customers to request their banks to issue tokens to the online retailer in lieu of their card details for both the payment at hand and subsequent payments. This means that retailers do not store bank details of their customers and so they cannot be fraudulently accessed by hackers. 
“The device-based tokenisation framework advised vide circulars of January 2019 and August 2021 has been extended to Card-on-File Tokenisation (CoFT) services as well,” said the RBI in a statement, TNN reported.

If hackers were to breach the security measures of e-commerce retailers using CoFT services, they would only have access to tokens which cannot be used for other purchases as they would not be using a registered device. This would prevent situations where customer bank data has been leaked, as has happened with several online retailers in recent years.
“Contrary to some concerns expressed in certain sections of the media, there would be no requirement to input card details for every transaction under the tokenisation arrangement,” said the RBI. “The efforts of the RBI to deepen digital payments in India and make such payments safe and efficient shall continue.”

Copyright © 2021 All rights reserved.

Back to top button