PERSONAL FINANCE FINANCIAL PLANNING TAX PLANNING BANK ACCOUNTS INSURANCE DEPOSITS STOCKS MUTUAL FUNDS
What is Tokenisation of Credit Card ?
TOKENIZE YOUR CARDS : RBI
TIMELINE EXTENDED UP TO 30TH SEPTEMBER 2022
Dated 25.06.2022 : Reserve Bank of India has asked the cardholders to tokenize their cards for their own safety , while extending the timeline for storing of data by the merchants by 3 months up to September 30,2022 . Once the deadline is over , merchants have to purge all the card data they have stored in their system .
RBI points out " Currently, many entities, including merchants, involved in an online card transaction chain store card data like card number, expiry date, etc. [Card-on-File (CoF)] citing cardholder convenience and comfort for undertaking transactions in future. While this practice does render convenience, availability of card details with multiple entities increases the risk of card data being stolen/misused. There have been instances where such data stored by merchants, etc., have been compromised. Given the fact that many jurisdictions do not mandate Additional Factor of Authentication (AFA) for authenticating card transactions, stolen data in the hands of fraudsters may result in unauthorised transactions and resultant monetary loss to cardholders. Within India as well, social engineering techniques can be employed to perpetrate frauds using such data. " Hence in order to avoid such risks for the cardholders , RBI is encouraging people to tokenize their cards at the earliest .
So if a merchant asks you to tokenize your data with them , it will have a one more layer of security on your card data and you will be better protected . When you tokenize your card with a specific merchant , you will get a specific token for future use with that merchant only .
To read RBI Press release dated 24.06.2022 , CLICK HERE
TIMELINE EXTENDED UP TO 30TH SEPTEMBER 2022
Dated 25.06.2022 : Reserve Bank of India has asked the cardholders to tokenize their cards for their own safety , while extending the timeline for storing of data by the merchants by 3 months up to September 30,2022 . Once the deadline is over , merchants have to purge all the card data they have stored in their system .
RBI points out " Currently, many entities, including merchants, involved in an online card transaction chain store card data like card number, expiry date, etc. [Card-on-File (CoF)] citing cardholder convenience and comfort for undertaking transactions in future. While this practice does render convenience, availability of card details with multiple entities increases the risk of card data being stolen/misused. There have been instances where such data stored by merchants, etc., have been compromised. Given the fact that many jurisdictions do not mandate Additional Factor of Authentication (AFA) for authenticating card transactions, stolen data in the hands of fraudsters may result in unauthorised transactions and resultant monetary loss to cardholders. Within India as well, social engineering techniques can be employed to perpetrate frauds using such data. " Hence in order to avoid such risks for the cardholders , RBI is encouraging people to tokenize their cards at the earliest .
So if a merchant asks you to tokenize your data with them , it will have a one more layer of security on your card data and you will be better protected . When you tokenize your card with a specific merchant , you will get a specific token for future use with that merchant only .
To read RBI Press release dated 24.06.2022 , CLICK HERE
CREDIT CARD USAGE AND SECURITY : Whenever you swipe your credit card or make payment on a website of a merchant , details of your cards like name on the card , card number , expiry date , mobile number etc are recorded in the system of the merchant . These details will be sent to the concerned bank's computer system to receive the payment from the card issuer . Further the details of the card will also be stored in the merchant's computer system for the record of the transaction sake and also ease the usage of the same card in your next transaction with the merchant .
The question is whether such data are safe from the hands of the hackers and bad elements ? . Even though their system is encrypted for better safety , there are news of hack of such sites regularly . In order to prevent theft of such information , RBI asked all the merchants to purge the data from their system and use Tokens instead . Now RBI has given time to merchants for purging till the end of June 2022 .
What is this Tokenisation , RBI wants merchants to do ? With tokenization whether your cards will be safer ?
The question is whether such data are safe from the hands of the hackers and bad elements ? . Even though their system is encrypted for better safety , there are news of hack of such sites regularly . In order to prevent theft of such information , RBI asked all the merchants to purge the data from their system and use Tokens instead . Now RBI has given time to merchants for purging till the end of June 2022 .
What is this Tokenisation , RBI wants merchants to do ? With tokenization whether your cards will be safer ?
TOKENISATION OF CREDIT CARD
What is Tokenisation of Cards ?
Tokenisation is a process by which card details are replaced by a unique code or token, generated randomly (by an algorithm) , allowing online purchases to go through without exposing card details, in a bid to improve data security. While each number of the 16 numbers printed on a credit card will have a meaning and give clue to the various details of the card , the randomly generated token will have no meaning and hence it will be secure from the fraudsters and hackers. The token can be used in the particular merchant network where it is generated .
Suppose your credit card number is 4123 567 xxxxxxxxx8 , it may be converted as aBcdeggh67hijk which has no meaning .
Suppose your credit card number is 4123 567 xxxxxxxxx8 , it may be converted as aBcdeggh67hijk which has no meaning .
Meaning of Credit Card Number

Meaning of 16 numbers in a Credit Card :
1. First number represents the network like Visa , Mastercard , American express etc . For example 3 is Master Card , 4 is Visa
2. 2 to 6 numbers represent the bank that is issued the card and it is called IIN or BIN .
3. The 7th and all other numbers following it ( except the last number ) represents the account number of the card which is assigned to the user . Every card will have separate number for each card account .
4. The last number is a checker for the payment processing .
1. First number represents the network like Visa , Mastercard , American express etc . For example 3 is Master Card , 4 is Visa
2. 2 to 6 numbers represent the bank that is issued the card and it is called IIN or BIN .
3. The 7th and all other numbers following it ( except the last number ) represents the account number of the card which is assigned to the user . Every card will have separate number for each card account .
4. The last number is a checker for the payment processing .
Process of Tokenisation
Normally merchant network will remember your card numbers when you a card in their network so as to make it easy for the next transaction . The card details will be stored in their system along with your personal details and will be retrieved when you use it next time there . The next time when you visit the merchant , it will automatically ask you from which card you would like to make the payment from all the card details of yours they are having .
If you have Amazon or Flipkart account , you will be asked to chose from the all earlier cards you have used in their network . They would have saved your card details along with your personal details . If the merchant's system is hacked , hackers will steal all your details from the saved cards lists on their system . To avoid such theft , tokenisation will remove all the data of your card from the system and will be replaced by a token generated by their system . Hence your card details will not be available to any hackers .
On a purchase , once your card details are captured by the merchant network , it will be converted in to a token which is called Tokenisation . Token will contain both alphabets and numerals . Tokens are unique to the particular merchant system and will have no meaning to other systems . Tokens will be stored in merchant's network . Your card data will go to a separate vault along with the token generated .
Whenever you repeat the payment on the the same merchant website , your data will be extracted from the vault . Thus your data is secured by one more layer of security .
If you have Amazon or Flipkart account , you will be asked to chose from the all earlier cards you have used in their network . They would have saved your card details along with your personal details . If the merchant's system is hacked , hackers will steal all your details from the saved cards lists on their system . To avoid such theft , tokenisation will remove all the data of your card from the system and will be replaced by a token generated by their system . Hence your card details will not be available to any hackers .
On a purchase , once your card details are captured by the merchant network , it will be converted in to a token which is called Tokenisation . Token will contain both alphabets and numerals . Tokens are unique to the particular merchant system and will have no meaning to other systems . Tokens will be stored in merchant's network . Your card data will go to a separate vault along with the token generated .
Whenever you repeat the payment on the the same merchant website , your data will be extracted from the vault . Thus your data is secured by one more layer of security .
Benefits of Tokenisation of Credit Card
USE OF TOKENS :
When tokenised , a random token replaces the card number in the computer network of the merchant . The hacker cannot dig out any information from the hacked token as it has no meaning . Further that token can be used only in the network which is hacked and cannot be used in any where else for stealing the money . Hence your card is much safer now .
1. Credit Card holders feel much more safer to use their credit card on a website which tokenises their cards , comapred to other websites where their card data will be stored .
2. Merchants can feel safe that their customer datas are not stolen by the hackers and their systems are safer.
When tokenised , a random token replaces the card number in the computer network of the merchant . The hacker cannot dig out any information from the hacked token as it has no meaning . Further that token can be used only in the network which is hacked and cannot be used in any where else for stealing the money . Hence your card is much safer now .
1. Credit Card holders feel much more safer to use their credit card on a website which tokenises their cards , comapred to other websites where their card data will be stored .
2. Merchants can feel safe that their customer datas are not stolen by the hackers and their systems are safer.
DEADLINE EXTENDED FOR TOKENISATION
MERCHANTS CAN STORE CARD DATA FOR 6 MONTHS MORE
Restriction on storage of actual card data [i.e. Card-on-File (CoF)] by RBI
Date 24.12.2021 : In March 2020 . Reserve Bank of India ( RBI ) had issued notification prohibiting storage of card data by non-banks and and merchants from June 30, 2021. The time limit was extended up to 31.12.2021 later on . Later RBI brought regulations on CoF Tokenisation (CoFT) of card data were issued on September 07, 2021 on “Tokenisation – Card Transactions: Permitting Card-on-File Tokenisation (CoFT) Services”.
Now RBI has further extended time limit to store data to June 30, 2022. RBI further wants such data to be purged after 01st , July 2022 . Further RBI permits industry stakeholders to devise alternate mechanism(s) , in addition to tokenisation , to handle any use case (including recurring e-mandates, EMI option, etc.) or post-transaction activity (including chargeback handling, dispute resolution, reward / loyalty programme, etc.) that currently involves / requires storage of CoF data by entities other than card issuers and card networks.
To read RBI NOTIFICATION on this topic , CLICK HERE
MERCHANTS CAN STORE CARD DATA FOR 6 MONTHS MORE
Restriction on storage of actual card data [i.e. Card-on-File (CoF)] by RBI
Date 24.12.2021 : In March 2020 . Reserve Bank of India ( RBI ) had issued notification prohibiting storage of card data by non-banks and and merchants from June 30, 2021. The time limit was extended up to 31.12.2021 later on . Later RBI brought regulations on CoF Tokenisation (CoFT) of card data were issued on September 07, 2021 on “Tokenisation – Card Transactions: Permitting Card-on-File Tokenisation (CoFT) Services”.
Now RBI has further extended time limit to store data to June 30, 2022. RBI further wants such data to be purged after 01st , July 2022 . Further RBI permits industry stakeholders to devise alternate mechanism(s) , in addition to tokenisation , to handle any use case (including recurring e-mandates, EMI option, etc.) or post-transaction activity (including chargeback handling, dispute resolution, reward / loyalty programme, etc.) that currently involves / requires storage of CoF data by entities other than card issuers and card networks.
To read RBI NOTIFICATION on this topic , CLICK HERE
New Updated Article
TAX PLANNING FOR FY 2021-22 ( AY 2022-23 )
Comprehensive Article on Income tax changes in Rules, Rates , Slabs , Rebates and Estimation
CLICK HERE TO READ
TAX PLANNING FOR FY 2021-22 ( AY 2022-23 )
Comprehensive Article on Income tax changes in Rules, Rates , Slabs , Rebates and Estimation
CLICK HERE TO READ
PRECAUTIONS WHILE INVESTING : CLICK HERE TO READ
TAX ON RETIREMENT
MORE THAN 15000 VIEWS
CLICK HERE TO READ
HOW TO LINK YOUR AADHAR TO PAN ? CLICK HERE
WHAT IS NEW ON PLAN N PROGRESS ?

Plan your Expenses
Plan Credit Card use
Tweak your Bank Account
and Earn Extra Income
Click Below to Read
HAVE CAKE AND EAT IT
Click Here to read
HAVE CAKE AND EAT IT
Earn Extra income on Expenses by Tweaking accounts , planning expense and Credit cards
HAVE CAKE AND EAT IT
Earn Extra income on Expenses by Tweaking accounts , planning expense and Credit cards