Making payments online has become the new normal. People prefer to make online payments rather than carry cash. People make online transactions all the time, whether it's ordering food, shopping, or booking cabs, and they save their passwords, as well as their debit and credit card information. However, alongside online banking, the rate of online fraud has skyrocketed. As a result, in order to make online payments safer and more secure, the Reserve Bank of India (RBI) has asked all merchants and payment gateways to remove sensitive customer information saved on debit cards and credit cards.

The new debit and credit card rules will take effect on January 1, 2022, and the RBI has also requested that merchants and payment gateways use encrypted tokens to carry out transactions. Banks have also begun informing their customers about the situation. HDFC Bank informed its customers via SMS that details saved on Merchant Website/App will be deleted by merchants in accordance with the RBI mandate for enhanced card security, which takes effect on January 1, 2022. It went on to say that if you want to pay each time, you should enter your full card information or use tokenization.

According to the new rules, beginning in January 2022, when you make your first payment to any merchant, you will be required to provide him/her with your consent via an additional factor of authentication (AFA). After that, you'll finish the payment by entering your card's CVV and OTP.

You're probably wondering what tokenization is.
Tokenisation is the process of replacing an actual card number with an alternative code that will be converted into a token. Tokenised card data can be used in place of an actual card number for future online purchases if the card user so specifies. Tokenised cards are more secure than actual card details for making payments and sharing with online merchants.

When using tokens, you do not need to provide information such as your card number, expiry date, CVV, or any other details that are required when making debit/credit card transactions.

How do I obtain a tokenized card?
Step 1: To obtain the card token, make a request via token requestor on the bank's website or app.

Step 2: After you submit your request on the token requestor, the merchant will send it directly to the bank that issued your credit card / Visa/ Mastercard / Diners / Rupay.

Step 3: The party that receives the token request from the Token Requester will generate a token that is associated with the card, the token requestor, and the merchant.

It should be noted that tokenization cards are applicable to Mobile Credit Cards for payments such as NFC-enabled POS transactions, Bharat QR code-based online or offline payments. Also included are all potential online and offline merchants.

Is card tokenization a safe practice?
Tokenised cards are more secure than actual card details for making payments and sharing with online merchants. The initiative is intended to make card transactions safer, more secure, and more convenient for users.