Card-on-File Tokenization will usher in a new era of safer digital payments: Mastercard
Hyderabad: To safeguard India from mounting cyber and financial fraud cases, the Reserve Bank of India rolled out a landmark decision in September 2021. The new regulation by the central bank permitted the payments networks and issuer Banks to offer card tokenization services as Token Service Providers (TSPs) to the e-commerce Merchants and Payment Aggregators starting 01 January 2022. This permission is an extension to the device-based tokenization services provided by payments network.
Tokenization is a mechanism to replace card numbers with a token, i.e., a virtual number, specific to a merchant. When a consumer logs into a merchant app or website, where their card details were stored, they only see the last 4 digits of the original card number. At the backend, TSPs will replace the card number with a token, ensuring that card details are not stored anywhere in the value chain, except for issuer banks and the networks. The process makes card-based transactions safer and more reliable. The process of tokenization will be based on consumer consent, validated through an additional factor authentication.
For consumers, who have their card details stored on multiple e-commerce merchants, their card details will be converted into token if they transact before 1st Jan 2022. Post the deadline, the consumer will have to enter their details one time to convert into tokens. For all subsequent transactions, consumers can continue to enjoy the single-click checkout experience that they have today. For consumers who are using their card details for the first time on e-commerce apps or websites, RBI has given them a seamless option to provide consent with an additional factor of authentication like OTP as part of the checkout process.