Online payments will change after January 1; check out RBI's new guidelines
To improve data security, the RBI released rules in March 2020 stating that retailers will not be permitted to keep card information on their websites.
The Reserve Bank of India (RBI) has instructed all merchants and payment gateways to erase personal customer data from cards maintained on their end and instead use encrypted tokens to carry out transactions to make online payments safer and more secure. Banks have begun warning consumers about the changes. "Beginning January 1st, 22! Merchants will remove your HDFC Bank card data kept on their website/app in accordance with the RBI regulation for better card security. "To pay each time, input complete card data or choose tokenisation," says an SMS sent to HDFC Bank clients last week.
To improve data security, the RBI released rules in March 2020 stating that retailers will not be permitted to keep card information on their websites. It published new rules in September 2021, allowing businesses till the end of the year to comply with the regulations while also providing them with the option to tokenise. The Reserve Bank of India has mandated that all businesses in India delete all credit and debit card data from their systems by January 1, 2022.
To those who are unaware, tokenisation refers to when you use your debit or credit card for a transaction; the transaction is executed based on information such as the 16-digit card number, the card expiration date, the CVV, and the one-time password or transaction PIN. In reality, a transaction is only successful if all of these variables are appropriately recorded for a single transaction.
Tokenisation is the process of replacing actual card data with a unique substitute code known as the "token." This token is unique for each card, token requestor, and device combination. From January onwards, when the user makes the first payment to any merchant, the user must provide him/her with your approval via an extra factor of authentication (AFA). After that, the user will be able to finish the payment by entering your card's CVV and OTP.
When card information is kept in an encrypted format, the danger of fraud or compromised data is decreased. Simply said, when you provide the data of your debit/credit card in the form of a token, the danger is reduced. The programme is intended to make card transactions safer, more secure, and easier for users.
According to the central bank, there would be no need to enter card information for every transaction under the tokenisation scheme. According to an RBI press release, some merchants require their clients to save card details. The availability of such information with a large number of merchants significantly raises the danger of card data theft. In the recent past, there have been cases in which merchants' card data has been compromised/leaked.