PremiumListen to this article |
The month of June will be noteworthy for debit and credit card holders since the Reserve Bank of India (RBI) has legislated the introduction of tokenisation of card transactions, with a deadline of June 30, 2022. Tokenization relates to the substitute of existing card details with a unique code known as a token, and implementation for a tokenisation request is done via Additional Factor of Authentication (AFA) by the cardholder. This move by RBI is going to secure the credentials of your credit card, if you opt for the tokenization system till the end of June and fail to do the needful will cause you to enter your card details manually every time you make digital transactions from July.
Transactions made through tokenized cards will be a safety measure to counter fraud because the actual card details will be replaced with a token while sharing card details with the merchant during a transaction. This token will be unique for every card and also for the token requestor, and merchant when doing digital transactions beginning in July. What ICICI Bank says about card tokenization system is “Tokenisation refers to replacement of actual or clear card number with an alternate code called the “Token." This shall be unique for a combination of card, token requestor (i.e. the entity which accepts request from the customer for tokenisation of a card and passes it on to the card network to issue a corresponding token) and the merchant (token requestor and merchant may or may not be the same entity)."
Prior to the card tokenization system, cardholders followed a trend in which they saved their card details on the internet on the merchant's website. The approach saves time for cardholders because they will not have to manually enter card details in future transactions. This has led to numerous fraudsters stealing card credentials and eventually becoming the cardholder a victim by losing money from the account. To combat fraudsters and escalating card scams, the RBI implemented Tokenisation – Card Transactions, in which confidential card details are not shared with anybody and are no longer kept saved over the internet.
Regarding the safety and security of card tokenization system, ICICI Bank says “Actual card data, token and other relevant details are stored in a secure mode by the authorised card networks. Token requestor cannot store Primary Account Number (PAN), i.e., card number, or any other card detail. Card networks are also mandated to get the token requestor certified for safety and security that conform to international best practices / globally accepted standards."
To continue with, card tokenization is not necessary; a customer can either choose to have his or her card tokenized, and if not, then he or she must enter the entire card details every time to complete online transactions until the end of June, which means that he or she can save the card details further to complete the transactions. A token will be unique to a single card at a specific merchant, increasing card safety without a doubt, and card tokenization should be applied by every cardholder considering the risk involved to get stolen. Card tokenization is free of charge, and a cardholder may use any of his or her cards authorized by the token requestor to complete any transaction.
Once the card has been tokenized on the merchant portal, the customer can only view the last four digits of the card, and if the card is replaced, renewed, reissued, or upgraded, the cardholder will be required to create a token again in order to visit the merchant website. For cardholders using multiple cards, ICICI Bank has clarified that the“Bank will provide a portal to the card holders to view and manage the tokenised cards. Card holders can view / delete tokens for the respective cards through this portal. Customers can also call the Phone Banking service to place a request to manage tokenized cards." In terms of card safety and tokenized card handling, opting for the move before the deadline will not trouble you to use your card safely each and every time you use it for an online transaction and will also prevent your card details from being used by a wrong hand.
Tokenisation may only be conducted by recognized card networks such as Visa/Mastercard/American Express/Rupay, as well as the issuing banks. The cardholder can get the card tokenised by commencing a solicitation on the merchant's portal, which accepts customer requests for card tokenisation and forwards the request effectively to the issuing bank or to the card network. Your token will be issued promptly with the approval of your card issuing bank, conforming to the card, the token requestor, and the merchant after which you can successfully perform domestic credit card or debit card transactions with the help of your tokenized card. For the registration for a tokenization request, ICICI Bank says “The registration for a tokenisation request is done only with explicit customer consent through Additional Factor of Authentication (AFA), and not by way of a forced / default / automatic selection of check box, radio button, etc."