Amid repeated requests from industry stakeholders, the Reserve Bank of India (RBI) on Thursday extended the deadline for cards tokenisation till June 30, 2022. Tokenisation means replacement of credit and debit cards details with an alternate code called a “token”.
Tokenised cards are considered safe for online transactions, as the card details are not shared with the merchant during transaction processing.
“The timeline for storing of card on file (CoF) data is extended by six months, i.e., till June 30, 2022,” the central bank said in a notification to all payment system operators, adding that after the expiry of the extended deadline, all such data will be purged.
The earlier deadline set by the RBI was to expire on December 31, 2021.
Earlier, the Indian Banks Association (IBA) had sent a representation to the RBI for an extension of the tokenisation deadline.
The main reason behind stakeholders seeking an extension of the tokenisation deadline was that many small and medium-sized merchants don’t yet have the infrastructure to shift to the new system, though banks are more or less prepared for it.
Tokenisation is referred to as a replacement of credit and debit card details with an alternate code called a “token”. A token is unique for each card, token requestor and device.
The token requestor is the entity that accepts a request from a customer for tokenisation of a card and passes the request on to the card network for the issuance of a corresponding token.
The cardholder can get the card tokenised by initiating a request on the app provided by the token requestor.
The token requestor will forward the request to the card network, which, with the consent of the card issuer, will issue a token corresponding with the combination of the card, the token requestor, and the device.