The Reserve Bank of India (RBI) today extended the deadline for card tokenisation by three months to September 30, 2022 after its criticism by industry parties.
The central bank had earlier directed the merchants to implement its tokenisation norms by June 30, 2022.
This is the third time RBI has extended the deadline of its implementation.
Last September, RBI prohibited merchants from storing customer card details on their servers with effect from January 1, 2022.
In April this year, the Reserve Bank of India (RBI) proposed new rules related to debit and credit cards with the security of user details as a key highlight.
The central bank said a tokenized card transaction is considered safer as the actual card details are not shared with the merchant during transaction processing.
The card tokenisation converts your card details into a unique code called 'token' that is specific to your card and one merchant at a time.
The code does not reveal the details of your card and can be saved on the online portal’s server.
This prohibits all online shopping portals from saving your card numbers, CVV, expiry date, etc. on their servers.
According to a recent report by The Dialogue and DeepStrat, there are operational and executional challenges that make the implementation of card tokenisation difficult.
The report said the industry is not completely ready to implement the tokenisation framework yet.
“Without proper tokenisation infrastructure, deletion of Card-on-File data will cause tremendous user inconvenience as it will require them to re-enter the card details for every transaction,” the report noted, adding that further, implementation of the framework without sufficient preparedness may also lead to increased transaction failures and delays.
The think tank also conducted a recent study which found that there is a varied level of preparedness for varied stakeholders.
Talking about the findings of the study, Kazim Rizvi, Founding Director, The Dialogue noted that no stakeholder is fully ready to implement the tokenisation framework.
As per industry inputs, while token provisioning has made considerable progress with more than ten crore tokens generated by the token service providers, which will cover 60-70% of the Indian cardholders, the industry is still continuously working towards developing solutions for certain use cases such as guest checkouts, EMIs, and recurring payments, which have been in a constant phase of evolution. However, more time is required for testing and ensuring scalability for a successful implementation.
The card networks such as Mastercard, Visa, and RuPay have claimed that their solutions are ready for tokenisation. Similarly, PayU, Razorpay, PhonePe, Pine Labs, etc. have also come up with solutions to help the businesses transition to the framework.
