New Rules For Debit And Credit Card Owners Starting Next Month
September 20, 2022: New rules for debit and credit card owners starting next month The Reserve Bank of India (RBI) has mandated that all credit and debit card details used in online, POS and in-app transactions be replaced with their own tokens by September 30th of this year.
The deadline has been extended by three months from July. Here’s what you need to know about the new rules for debit and credit cardholders starting in October.
What is card tokenization? Tokenization, according to RBI, refers to replacing the actual card data with an alternative code called a “token.”
What are the benefits of tokenization? Tokenized card transactions are considered more secure as the actual card details are not shared with the merchant during transaction processing.
How can tokenization be performed? A cardholder can tokenize a card by initiating a request with an app provided by a token requestor.
The token requestor forwards the request to the card network. Card networks issue tokens that match the combination of card, token requestor, and device with the consent of the card issuer.
What are the fees a customer must pay to use this service? You do not need to pay any fees to use this service.
Who can perform tokenization? Tokenization can only be performed by approved card networks and a list of approved institutions is available on his RBI website.
What are the fees a customer must pay to use this service? You do not need to pay any fees to use this service. In what use cases (instances/scenarios) was tokenization allowed?
Tokenization is allowed via mobile phones and tablets for all use cases/channels (contactless card transactions, QR codes, app payments, etc.). Is card tokenization mandatory for customers?
No, customers can choose to tokenize their cards or not. Those who do not want to create tokens can continue trading as before by manually entering their card details at the time of transaction.
Is the loyalty card data secure after tokenization? Actual card details, tokens and other related details are stored in a secure mode by authorized card networks.
Token requesters can use their Primary Account Number (PAN). H. Do not store card numbers or other card details. Card networks are also required to have certified token requestors for security and protection in compliance with international best practices/globally recognized standards.
How does the tokenization request registration process work? Tokenization request registration is only done with explicit customer consent via an Additional Authentication Factor (AFA), not forced/default/automatic selection of checkboxes, radio buttons, etc.
Customers can also choose their use cases and set limits. Is there a limit to the number of cards a customer can request for tokenization?
A customer can request tokenization for any number of cards. To carry out transactions, the customer is free to use any card registered with the token her requestor app.
Who should customers contact if they have issues with their tokenized cards? Where and how can I report a lost device?
All complaints should be sent to the card issuer. Card issuers should provide customers with easy access to report the loss of an ‘identified device’ or other events that may expose them to unauthorized use of their tokens.
Can card issuers refuse to tokenize certain cards? To Card issuers can decide whether or not to allow their cards to be registered with a token requestor, based on risk perception and other factors.
|Are you an
Entrepreneur or Startup?
Do you have a Success Story to Share?
SugerMint would like to share your success story.
We cover entrepreneur Stories, Startup News, Women entrepreneur stories, and Startup stories
Read more Business News at SugerMint. Follow us on Twitter, Instagram, Facebook, LinkedIn