In news- Recently, the Reserve Bank of India has extended the scope of ‘tokenisation’ to several consumer devices. It has been decided to extend the scope of tokenisation to include consumer devices such as laptops, desktops, wearables like wristwatches and bands, as well as Internet of Things (IoT) devices.
What is RBI Tokenization?
- Tokenization refers to the replacement of actual card details with a unique alternate code called the ‘token‘, which is unique for a combination of card, token requestor (i.e. the entity which accepts request from the customer for tokenization of a card and passes it on to the card network to issue a corresponding token) and identified device.
- Normally, in a tokenized card transaction, parties / stakeholders involved are merchant, the merchant’s acquirer, card payment network, token requestor, issuer and customer. However, an entity, other than those indicated, may also participate in the transaction.
About tokenization-
- It aims at improving the safety and security of the payment system.
- The Reserve Bank had earlier permitted ‘tokenization’ services, under which a unique alternate code is generated for transaction purposes, on mobile phones and tablets of cardholders.
- RBI had issued guidelines on “Tokenization – Card transactions” in 2019, permitting authorised card networks to offer card tokenization services to any token requestor, subject to conditions.
- Prior to the latest circular, the facility was available only for mobile phones and tablets of interested cardholders.
A tokenized card transaction is considered safer as the actual card details are not shared with the merchant during transaction processing.
Safety and Security of card details-
Actual card data, token and other relevant details are stored in a secure mode by the authorised card networks. Token requestor cannot store Primary Account Number (PAN), i.e., card number, or any other card detail. Card networks are also mandated to get the token requestor certified for safety and security that conform to international best practices / globally accepted standards.
