Tokenisation of Card Transactions Enhancements Tokenisation of Card Transactions Enhancements Chartered Accountant CA ICAI Chartered Accountants CA ICAI CAinINDIA ICAI Announcements Accounting Standards CA News ICAI Students ICAI Members Case Laws CPT IPCC Final ICAI Course CA Course ICAI Forum CA Question Papers ICAI Study Material

« Latest Circulars »

Open DEMAT Account in 24 hrs
Auction of State Government Securities Feb 23, 2024
RBI imposes monetary penalty on The Adinath Co-Operative Bank Limited, Dist. Surat, Gujarat
The Relevance of SEACEN in a Turbulent World (Closing remarks by Michael Debabrata Patra, Deputy Governor, Reserve Bank of India - February 15, 2024 - at the 59th SEACEN Governors' Conference
Business restrictions imposed on Paytm Payments Bank Limited vide Press Releases dated January 31 and February 16, 2024
Extension of validity of Directions under Section 35A read with section 56 of the Banking Regulation Act, 1949 (As Applicable to Co-operative Societies) - HCBL Co-operative Bank Ltd., Lucknow (U.P.)
Business restrictions imposed on Paytm Payments Bank Limited vide Press Releases dated January 31 and February 16, 2024
Directions under Section 35 A read with section 56 of the Banking Regulation Act, 1949 Shimsha Sahakara Bank Niyamitha, Maddur, Mandya District Extension of Period
Reserve Bank of India (Government Securities Lending) Directions, 2023
Building resilient brand India amidst global uncertainty (Speech by Shri Swaminathan J, Deputy Governor, Reserve Bank of India - December 28, 2023 - at the 10th SBI Banking and Economic Conclave in Mumbai)
Trade Credit for imports into India Submission of return on issuance of bank guarantees for Trade Credits on the Centralised Information Management System (CIMS)
Minutes of the Monetary Policy Committee Meeting, December 6 to 8, 2023


« RBI imposes monetary penalty on The Sutex Co-operative Bank...	RBI imposes monetary penalty on Sarvodaya Co-operative Bank... »
Tokenisation of Card Transactions Enhancements

September, 07th 2021
The Reserve Bank of India (RBI) has today announced the following enhancements to the extant framework on card tokenisation services: the device-based tokenisation framework advised vide circulars of January 2019 and August 2021 has been extended to Card-on-File Tokenisation (CoFT) services as well, and card issuers have been permitted to offer card tokenisation services as Token Service Providers (TSPs). The tokenisation of card data shall be done with explicit customer consent requiring Additional Factor of Authentication (AFA). The above enhancements are expected to reinforce the safety and security of card data while continuing the convenience in card transactions. Citing the convenience and comfort factor for users while undertaking card transactions online, many entities involved in the card payment transaction chain store actual card details [also known as Card-on-File (CoF)]. In fact, some merchants force their customers to store card details. Availability of such details with a large number of merchants substantially increases the risk of card data being stolen. In the recent past, there were incidents where card data stored by some merchants have been compromised / leaked. Any leakage of CoF data can have serious repercussions because many jurisdictions do not require an AFA for card transactions. Stolen card data can also be used to perpetrate frauds within India through social engineering techniques. Reserve Bank had, therefore, stipulated in March 2020 that authorised payment aggregators and the merchants onboarded by them should not store actual card data. This would minimise vulnerable points in the system. On a request from the industry, the deadline was extended to end-December 2021 (RBI circular CO.DPSS.POLC.No.S33/02-14-008/2020-2021 dated March 31, 2021), as a one-time measure. RBI has been in regular consultation with the industry to facilitate the transition. It may be noted that introduction of CoFT, while improving customer data security, will offer customers the same degree of convenience as now. Contrary to some concerns expressed in certain sections of the media, there would be no requirement to input card details for every transaction under the tokenisation arrangement. The efforts of Reserve Bank to deepen digital payments in India and make such payments safe and efficient shall continue. (Yogesh Dayal) Chief General Manager Press Release: 2021-2022/823