RBI’s card-on-file (CoF) tokenisation norms from October 1

The RBI’s card-on-file (CoF) tokenisation norms will help in storing the user’s card details in a form of a token for future transactions. This is being implemented to make transactions more secure

As the month of October is about to start, the Reserve Bank of India (RBI) continues to bring changes in the monetary policy of India to make transactions and financial matters more convenient. In its efforts to make financial transactions by debit and credit cards more secure, the RBI is ready to bring its card-on-file (CoF) tokenisation norms into effect from 1 October, 2022.

This comes after a time when reports of online fraud related to misuse of credit or debit card details have been reported from various parts of the country. People are unknowingly cheated by cyber frauds who use their personal banking details stored on online shopping platforms.

In a bid to fight against online fraud, the RBI’s card-on-file (CoF) tokenisation norms will help in storing the user’s card details in a form of a token for future transactions and will keep their actual card details secure. In addition to this, RBI also prohibits any shopping platform from saving the details of the users.

Earlier, the change was to come into effect on 30 June, 2022, however, it was postponed until 30 September, 2022, following which the norms must be followed from 1 October, 2022.

With a major change in the transaction process, read on to know in detail about RBI’s new rules for credit and debit card users.

What are the new norms?
According to RBI, the card-on-file (CoF) tokenisation norms will be applied to credit and debit card information. According to the same, the new rule will replace actual card details with an alternative code “token”, which shall be further used for future transactions.

To obtain a token, the cardholder needs to go through a one-time registration process while using their cards at any e-commerce platform. As they enter their card details, it gives consent to create a token which is then validated by way of authentication through an additional factor of authentication (AFA).

A token is thereafter created which can be used for future transactions with the CVV number and OTP steps.

How will the new rules impact customers?
With the use of the new rules for card transactions on e-commerce websites, the card details of users remain safe and they are not stored on the platforms, nor are they shared with the merchant during the payment process. It will also not allow the platforms to voluntarily store the sensitive card details of the user in any form.

The RBI on its website says, “Other than the card issuer and the card network, the merchant or its Payment Aggregator (PA) involved in settlement of such transactions, can save the CoF data for a maximum period of T+4 days (“T” being the transaction date) or till the settlement date, whichever is earlier. This data shall be used only for settlement of such transactions and must be purged thereafter.”

Read all the Latest News, Trending NewsCricket News, Bollywood News,
India News and Entertainment News here. Follow us on Facebook, Twitter and Instagram.

Leave a Reply

Your email address will not be published.