Tokenize your debit card, credit card for safe online transactions from Oct 1

tech.hindustantimes.com:

If online is your preferred mode of payment, you can use a virtual code instead of exposing your actual card details to shield against data thefts and financial frauds from Saturday, as RBI norms on card tokenization come into force.

Card-on-file Tokenization (CoFT) is a process through which the actual details such as the 16-digit number, expiry date on a credit or debit card are replaced by a virtual code which is unique for that card, merchant point where it is to be used and the token requestor (or the card user).

As per RBI guidelines, payment aggregators, wallets and online merchants (entities in card transaction/payment chain other than card issuers/card networks) cannot store any sensitive card-related customer information including full card details from October 1, 2022.

The guidelines were to actually come to effect from July 1 this year. However, RBI allowed another three months for the norms to kick in as all the players involved were not ready for the new system by then.

For cardholders' interest, it is important to note that tokenisation is meant for online/e-commerce transactions only as this is where their data usually gets stored. For face-to-face or point of sale (PoS) transactions, tokenization is not applicable as it involves no storage of data.

Though it is not mandatory for cardholders to tokenize their cards, it is considered a safer mode of transaction as actual card details are not shared/stored with the merchants.

SBI Card, India's only pure-play credit card issuer promoted by the country's largest lender has already integrated the required changes.

"We are ready to launch this as per the given RBI deadline," Rama Mohan Rao Amara, MD & CEO, SBI Card said.

He said Card-on-File Tokenization (CoFT) is a