Business

RBI Extends Tokenisation Deadline to July 2022; You Can Now Use Debit Or Credit Cards Till June 2022

RBI, through a circular on December 23, extended the deadline for the implementation of the new tokenisation mechanism to July 1, 2022 from the earlier date of January 1, 2022.

Getting your Trinity Audio player ready...
RBI Extends Tokenisation Deadline to July 2022; You Can Now Use Debit Or Credit Cards Till June 2022
info_icon

In the interest of debit and credit card cardholders, the Reserve Bank of India (RBI) has decided to extend the implementation of tokenisation, a new card on file information storage mechanism, to July 1, 2022. The implementation was slated from January 1, 2022.

RBI announced the extension of the tokenisation deadline through a circular issued on December 23, 2021. “In addition to tokenisation, industry stakeholders may devise alternate mechanism(s) to handle any use case (including recurring e-mandates, EMI option, etc.) or post-transaction activity (including chargeback handling, dispute resolution, reward/loyalty programme, etc.) that currently involves/requires storage of CoF data by entities other than card issuers and card networks,” said the circular.

The tokenisation solution will essentially replace all the debit and credit card information of a cardholder with a randomly generated number called a “token”. An OTP-based two-factor authentication method along with cryptograms unique to each transaction will be used so that the same token cannot be used on other merchant platforms. To know more about how tokenisation works, read here.

RBI had in September 2021 prohibited merchants from storing customer card details on their servers with effect from January 1, 2022 and mandated the adoption of CoF tokenization as an alternative to card storage.

On December 22, 2021, some industry associations had expressed strong reservations against the implementation of this new rule from January 1, 2022. The Merchant Payments and Alliance of India (MPAI) and the Alliance of Digital India Foundation (ADIF) petitioned RBI for extending the deadline. “Merchants cannot start the testing and certification of their payment processing systems until banks, card networks, and PA/PGs (payment aggregators/payment gateways) are certified and live with stable APIs for consumer-ready solutions,” the joint letter noted. The two associations had asked for a phased implementation of the tokenisation rule (read more here).

Even though the new tokenisation implementation has been postponed, various banks, non-banking finance companies NBFCs, and fintech companies are getting ready for the change. For example, Pine Labs recently ventured into the online payments space with their venture called “Plural” and their latest offering in the segment called “Plural Tokeniser”.

“The launch of Plural Tokenizer is our endeavour to make the payment transaction experience more secure for the end-user i.e., our merchant’s customers. Plural is today the only omnichannel platform in India to manage tokens across offline and online payment experiences,” said Tanya Naik, head of online business at Pine Labs, reported CXOtoday.com.