Debit/Credit Card Frauds Will Be Stopped Using ‘Tokens’; RBI Allows ‘Tokenisation’ Of Card Payments
Tokenisation has become one of the preferred methods of card payments in Western countries. Now, it comes to India.
In a major innovation related to card payments, which includes both debit and credit cards, Reserve Bank of India has allowed ‘Tokenisation’ of card payments.
How will it stop frauds? And how does this work?
Keep reading to find out more!
‘Tokenisation’ of Card Payments: The Need
Generally, consumers save their debit or credit card details with any service provider, to make payments smooth, and easy. Often, this is a mandatory requirement as well.
For instance, say Paytm, Amazon or Flipkart. Users save their cards details with these service providers for future payments, and the payment is often done with a PIN or password or sometimes just the CVV number.
However, in case any such service provider/website/app gets hacked, then users’ card details can be compromised, and data stolen.
To avoid this scenario, RBI has now allowed ‘Tokenisation’ of card payments, which will avoid such frauds/data theft.
‘Tokenisation’ Of Card Payments: How Does This Work?
‘Tokenisation’ works on the principle of a virtual card, which is also called tokens here.
In this system, instead of saving the actual card details: name, card numbers, expiry date etc, the user will be able to generate a unique ‘token’ or a virtual card for a specific service.
Whenever the consumer is required to make a payment, they can use the token, and an additional authentication PIN to finalize the payment.
Now, this unique token will have three aspects:
- Card details
- The token requester (for example Amazon, Flipkart, Paytm) and
- Identified device (example being your mobile phone or tablet/laptop)
Each such tokens would be unique for a service, and the same token cannot be used elsewhere, which provides better security.
Risks Reduced In Card Payments
Such tokens mask the actual debit/credit card details and help the consumer to protect them. Such unique tokens can be applied to:
- Contactless transactions (Near Field Communication/Magnetic Secure Transmission based transactions)
- In-app payments
- QR code-based payments and more.
Moreover, the end user can also limit the amount of money transacted in every token, specific to that service.
However, the only drawback is that the card issuer and the service provider will be required to appoint a third party to implement this tokenisation system. Having said that, the card issuing company will have the responsibility to ensure safety and security of this whole process.
RBI is expected to issue more guidelines and regulations for this new concept of card payments, which has become quite popular in Western countries.
We will keep you updated, as more details come in.