Is Amazon, Flipkart, or Paytm your preferred e-commerce platform? You are prompted to save/secure your card details whenever you purchase anything on these platforms?
As a result of the Reserve Bank of India making certain changes to the rules regarding online payments using debit and credit cards, the new rules will come into effect on October 1. Online payments will become more convenient, secure, and affordable as a result of the changes. Under the new rules, the banks will have to create tokens for card details. This token will mask the sensitive card details.
With tokenisation, sensitive data such as the owner’s name, 16-digit card number, expiration date, and three-digit CVV code is masked with an alternate number.
So, regardless of whether you are shopping from an e-commerce site for the first time or if your credit card details are already there and you only need to enter the CVV, these platforms will be asking your permission to store details of your card since from October 1, all saved card details will be removed. Afterward, when you make a purchase on these e-commerce sites, you will be required to enter every single detail manually if you have denied them permission.
A customer’s card details, except CVV, are saved on the e-commerce platforms whenever the card is used to make a purchase. In any case, platforms won’t be able to store card credentials once the rules go into effect.
According to Amit Kumar, Chief Technology Officer & Executive Director, Easebuzz, tokenization is an important reform that will increase the security of online transactions.
Consumers now receive a security option as soon as they enter all their card information on the merchant’s website. They must choose this option to generate a token.
From the card issuer, the customer will receive an OTP on their mobile device or via email. After entering the OTP, the card details are sent for authorization and token generation. Kumar explained that the token is sent back to the merchant, who stores it against the consumer’s data, whether it’s their mobile number or email address.
In order to protect their data that may be exposed if not tokenized, experts said that consumers should get their consent for this entire process.
The tokenization process will strike the perfect balance between user experience and data security. As a result of RBI’s recent guidelines, banks and FINTECH players will have to create tokens for credit or debit card details. According to Kumar, the mandate enforces the masking of sensitive credentials, such as 16-digit card numbers and expiration dates.
As a result of tokenisation, experts believe the personal information of customers will be more secure. Now, banks and processors will be responsible for protecting card data. They said that since token generation is irreversible and the masking number is unique, the payment process cannot be reversed to obtain card details.
As a result of the RBI’s new guidelines, payment disputes and fraud transactions will also be reduced.