Debit, credit card rules are changing from October 1, how will this affect you? Check details here

From October 1, the online transaction rules for debit and credit cards will change for all users. In a bid to make all e-payments safe, secure, convenient, quick and affordable, the Reserve Bank of India (RBI) has asked all operating banks to create tokens for card details. In layman’s language, all online, point-of-sale, and in-app transactions done by debit and credit cards will have to be replaced by tokens issued by the banks.  

What is tokenisation? 

Tokenisation is replacing the debit or credit card details with a token issued by the operating bank. That means, now while paying for something online, a user will not punch in the 16 digits engraved on his or her card. The banks will issue a non-sensitive equivalent token for the transactions. With this, customer's card information will no longer be available on any merchant, Payment Gateway, or third-party platform. The process will also mask names on the card, expiry dates and CVV codes. 

Also read: How you can use card tokenisation and account aggregators to secure your financial data

Safety issues 

All token-based transactions are considered safer as the actual details will not shared with the merchants, entities and cannot be misused any further. Entities can save the last four digits of the card number and the card issuer’s name to track the transaction.  

How would it work? 

From October 1, the tokens generated for transactions will be irreversible and unique. With this, no one can breach the security layers and decode the payment process to procure card details.

Also read: RBI introduces UPI Lite for faster real-time, low-value transactions. Check more details here 

As per RBI, the new system will bring down the number of chargebacks, disputes and fraud, and would help the consumers, merchants, and banks. 

How to get a token? 

The first step towards tokenisation will be clicking on “securing your card as per RBI guidelines” after a customer enters all the card details for a transaction. Once done, the merchant will request the operating bank to generate a unique token for a particular transaction. Once consent is given, the merchant will send the request to the card network.   

The buyer will get an OTP on his or her mobile or email from the card issuer, which has to be filled on the bank page, and then the token will be generated. The same token will be mailed to the merchant. He can save it with the customer’s phone and email id in case the transaction faces some technical issues. 

Also read: PayU tokenises 50 million cards ahead of RBI’s Sept 30 deadline

Updates so far 

As per news reports, Paytm has tokenised over 52 million cards so far. Payments platform PayU has reported that it has tokenised over 50 million ahead of the deadline. PhonePe has said that it has tokenized 15 million debit and credit cards so far and is in line with RBI’s deadline.