WHAT IS TOKENISED CARD TRANSACTION?
Tokenisation is a process by which actual card details masks sensitive card details of your debit / credit / prepaid card with an alternate code. This process by which the primary details of a card are replaced with a surrogate value is called a token.
A tokenised card transaction is considered safer as the actual card details are not shared with the merchant during transaction processing. Instead of using actual card details, this token is used to perform card transactions in contactless mode at point of sale (POS) terminals, quick response (QR) code payments. The primary card data, token and other relevant details are stored in a secure mode by the authorised card networks. The Token requestor is not permitted to store Primary Account Number (PAN), i.e., card number, or any other card detail. Card networks are also mandated to get the token requestor certified for safety and security that conform to international best practices / globally accepted standards.
Reserve Bank of India in its notification dated January 8, 2019 has given permission to offer tokenised card transactions services to all channels such as near field communication (NFC), magnetic secure transmission (MST) based contactless transactions, in-app payments, QR code-based payments or token storage mechanisms, including cloud, secure element and trusted execution environment. At present, tokenised card transaction facility would be offered only through mobile phones or tablets. The customer need not pay any charges for availing this service.
Registration of a card on token requesters* app shall be done only with explicit customer consent through Additional Factor of Authentication (AFA), and not by way of a forced / default/automatic selection of checkbox, radio button, the release said.
[*A Token Requester (TR) is an entity like digital wallet providers, payment enablers, merchants and Internet of things (IoT) manufacturers (IBM, Alibaba, etc.) that requests payment tokens for end-users.]
The customer (cardholder) has the option to set and modify per transaction and daily transaction limits for tokenised card transactions.
In terms of RBI notification, Tokenisation and de-tokenisation (conversion of the token back to actual card details is known as de-tokenisation) shall be performed only by the authorised card network and recovery of original Primary Account Number (PAN) should be feasible for the authorised card network only. The card issuers to ensure easy access to customers for reporting loss of ‘identified device’ or any other such event which may expose tokens to unauthorised usage.
According to data from the Reserve Bank of India (RBI) on ‘Sectoral Deployment of Bank Credit’, outstanding credit in the housing sector in...
-
The 12 th Bipartite wage settlement is due on 01.11.2022. The salary and other wage components of public sector banks and some private se...
-
Expected DA Calculation Updated on 29.02.24 on the basis of CPI for the month of Jan'24 with the assumptions of CPI for the next two mon...
-
Fixed personal pay is computerisation allowance. It was compensation given to the employees at that time. Not applicable for those who are j...
No comments:
Post a Comment