Tokenisation: The New Trend for Secure and Convenient Online Transactions
Tokenisation is nothing but giving your sensitive information a secret identity. When you tokenise something, like a debit or credit card, you replace the actual details with a unique digital token. To make it more convenient for customers, RBI has recently announced card-on-file tokenisation or CoF.
Amitabh Bacchan has been seen on television advocating for the tokenisation of cards to make online transactions more secure and convenient. Many websites ask users to save their card details, but not everyone is comfortable with that. Tokenisation is the solution.
Rahul Jain, CFO of NTT DATA Payment Services India, explains that tokenisation refers to the replacement of actual card details with an alternate code called the “token”. This is used for recurring payments or when merchants have stored card details for a faster checkout experience.
RBI’s initiative on tokenisation aims to disable card storage at payment service providers’ and merchants’ ends to ensure better security. Gaurav Chopra, founder and CEO of IndiaLends, a digital lending marketplace, explains that tokenisation replaces actual card details with a unique digital token for online transactions, ensuring security.
Steps to tokenise your card:
To purchase any products or services and to initiate a transaction, a customer visits e-commerce or a merchant’s website. Then select the preferred card options as the payment method and enter all the card details.
If the website wants the customer to store the card details for a faster checkout experience, there will be an option ‘secure your card as per RBI guidelines’. A customer must opt for this option to securely generate a token and have it stored as per RBI guidelines.
To complete the transaction, a customer will receive a one-time password (OTP) on the mobile device or email from the card issuer company.
Once the OTP is entered on the bank page, the card details are sent for token generation as well as transaction authorization.
Generated token is sent back to the merchant, who then stores the token against the customer identification data eg; mobile number or email address.
When a customer visits the same e-commerce or merchant website, the last four digits of the saved card are shown which helps them to recognize during the transaction. This means that a customer’s card has been tokenised.
A new token is generated for every merchant website where the card details are required to be stored. The token is now ready for use in subsequent recurring or express checkout payment transactions by consumers on the merchant platform.
When you tokenise your card, your card information is not stored by the merchant website. Akash Sinha, CEO and co-founder of Cashfree Payments, a payments and banking platform, explains that the genuine payment details of the customer are securely stored by their bank in a protected token vault. Upon receiving the token from the credit card issuer and confirming its match with the account number, the bank verifies the transaction.
Card on file tokenisation:
RBI has recently announced that card-on-file tokenisation (CoF) can now be generated directly at the issuer bank level. This will allow users to generate tokens through their bank’s app or website. Currently, it is not mandatory to tokenise the cards. A customer can choose whether to or not to tokenise his/her card. A customer can continue to transact as before by entering card details manually at the time of initiating the transaction if he/she does not wish to create a token.
This new system allows for more secure and hassle-free online transactions, giving customers peace of mind and ensuring their sensitive information remains safe. Source: NTT DATA Payment Services India.
I have over 10 years of experience in the cryptocurrency industry and I have been on the list of the top authors on LinkedIn for the past 5 years. I have a wealth of knowledge to share with my readers, and my goal is to help them navigate the ever-changing world of cryptocurrencies.
