RBI Expands Tokenization Facility to Ensure Security of Card Data

bySurobhi BoseLast Updated: May 25, 2023
RBI Expands Tokenization Facility to Ensure Security of Card Data

To ensure the safety and security of the payment system, the Reserve Bank of India (RBI) has expanded the tokenization facility from an earlier devised-based tokenization framework to Card on File Tokenization (COFT). In regards to this, the digital payment company Paytm has introduced a tokenization solution for online credit and debit card transactions. Tokenization provides an added layer of security to the users by converting the sensitive card information such as card number, CVV and card name to a set of randomly generated numbers known as ‘token’.

This development has been initiated after the RBI issued the guidelines for Payment Aggregator (PA) and Payment Gateways (PG). As per the RBI guidelines, starting 1st January 2022, the payment aggregators and merchants will not be allowed to store the card credentials of the customers in their database. To avail of the tokenization facility, all that a customer needs to do is provide a one-time consent via OTP and undertake a transaction to tokenize their credit/debit card for the first time.

Paytm Payments Bank tokenization solution is going to make recurring payments convenient and safe for customers by allowing the payment providers to save cards using tokens. This facility supports all major card networks like Rupay, Visa and Mastercard. Currently, Paytm has 120+ million users with at least one saved card on Paytm.

How to Avail Tokenization Facility on Paytm?

Here is the step by step process to avail tokenization facility on Paytm-

Step-1: Update the app to the latest 9.19 and above

For Android Users- https://play.google.com/store/apps/details?id=net.one97.paytm

Step 2: Go to ‘Payment Settings’ in your profile and click on the option of ‘Saved Cards’

RBI Expands Tokenization Facility

Step 3: Click on the ‘Secure Now’ option below the saved card details

RBI Ensure Security of Card Data

Step 4: Enter your CVV number and click on ‘Proceed’ (Re. 1 will be debited from the card to verify the card details)

 RBI guidelines for coft

Step 5: Enter the OTP sent on the registered mobile number and click on ‘Proceed’

RBI Expands Tokenization Facility to Ensure Security of Card Data

Step 6: After completion of the payment process the users will earn a scratch card worth 500-5000 points applicable two times per user

RBI Expands Tokenization Facility

Important Points to Consider

Here are some important points to consider:

  • With effect from 1st January 2022, no entity in the payment chain/card transaction other than the card issuers and/or card networks shall store the actual card data. Any such data stored previously shall be removed
  • For reconciliation purposes and/or transaction tracking the entities can store limited data (last 4 digits of the actual card number and card issuer’s name in agreement with the applicable standards)
  • Total compliance with all entities involved shall be the responsibility of the card networks

Wrapping it Up!

With the help of COFT, the merchant partners can create, process, modify and delete tokens for online card payments with the consent of the customers. Moreover, this will not only save the time and effort of the merchant partners by omitting the need to integrate with multiple card networks, but it will also ensure full compliance with the RBI guidelines.

The Card on File Tokenization (COFT) is introduced with an objective to improve customer data security and offer them the same degree of convenience as now. With a tokenization facility, there will be no requirement to input card details for every transaction. With COFT, RBI aims to deepen digital payments in India and make such payments safe and efficient for users.

You May Also Like