RBI has pushed the deadline for tokenization of card transactions

RBI (The Reserve Bank of India) has pushed the deadline for tokenization of card transactions from July to October 2022.

In March 2020, the apex bank announced new rules for the tokenization of card data in order to make online transactions made using debit and credit cards more secure. Accordingly, the RBI had asked banks to adhere to the guidelines beginning 1 January 2022, which was subsequently extended to July 2022, and now to October 2022.

As per the guidelines, online players will have to delete any credit and debit card data stored on their platforms and replace them with token to secure card details of consumers and mandate the adoption of card-on-file (CoF) tokenization as an alternative to card storage. It applies to domestic, and online purchases.

Tokenisation refers to the replacement of actual credit and debit card details with an alternate code called the “token”, which will be unique for a combination of card, token requestor, and device. A tokenized card transaction is considered safer as the actual card details are not shared with the merchant during transaction processing.

Customers who do not have the tokenization facility will have to key in their name, 16-digit card number, expiry date, and CVV each time they order something online. In the case of multiple cards, each will have to be tokenized. The customer need not pay any charges for availing of this service. A customer can choose whether or not to let his / her card be tokenized.


Tokenization is a technology that allows for more secure payments by substituting sensitive consumer account data for a random number that is unique to each transaction – a digital token.

This token contains no consumer account data and instead is simply a map to where the bank has stored a consumer’s data within its own secure systems. Because tokens are unique to their transactions they are useless to hackers who would use them for further transactions.

Simply put, tokenization means that sensitive consumer account data never travels through the retailer systems and instead stays safely locked in the banks secure infrastructure. Because the process works behind the scenes, customers won’t be required to do anything different from what they’re used to.


Leave a Comment


Welcome! Login in to your account

Remember me Lost your password?

Lost Password