Lately, the RBI has been pushing the payments industry in India to adopt card tokenization in order to protect and enhance the security of online card transactions.
When someone chooses to save their card details on an app or website (called merchants), as per RBI guidelines, a token is generated against the card and saved on the merchant’s cloud servers. Here, the card holder’s private details are not shared with the app or website.
The RBI wants to change the digital payments situation and standardize the security of all online card transactions with something called “tokenization”. Card tokenization is a mechanism introduced by the RBI to protect domestic card transactions using random strings of tokens instead of sharing your private card details. The token is a unique, encrypted code that points to the card.
When someone chooses to tokenize a card, the card network (e.g., Visa, MasterCard, etc.) issues the token with the consent of the bank and shares it with the merchant. For instance, if a user saves an SBI Visa debit card on Paytm as per RBI’s guidelines, then Visa will generate the token, taking consent from SBI, and will share the token with Paytm.
If users choose to save the same credit or debit card on another app, then a new token will be generated, and it will be shared with the app. Even for the same card, the token will be different depending on the merchant and device. It means the tokens are unique and discrete, which is good from a security point of view. This way, merchants will not have access to the private card details and thus, the card will be protected from online data breaches.
See What’s Next in Tech With the Fast Forward Newsletter
Tweets From @varindiamag
Nothing to see here - yet
When they Tweet, their Tweets will show up here.
