The Reserve Bank of India (RBI) has announced in Mumbai that the deadline for the tokenization of consumer payment cards that are maintained by e-commerce companies and other firms has been extended.
The new regulations prohibited businesses from holding the credit card information of their consumers on their systems. Instead, they can choose to keep a token that correlates with the card. This token might then be used to request payment from the bank that issued the card. The deadline for compliance with the restriction, which was originally set for the 30th of June, has been moved to the 30th of September. The period of time allotted for the project has once again been pushed back. The Reserve Bank of India (RBI) had already extended a deadline that was originally set for December 30, 2021 in order to give firms additional time.
While the central bank acknowledged that significant headway had been made in replacing card data with tokens and that transactions had begun, they also stated that the initiative had not yet gained hold among all retailers. “Further, an alternate system in respect of transactions where cardholders decide to enter the card details manually at the time of undertaking the transaction (commonly referred to as ‘guest checkout transactions’),” the RBI said when explaining the rationale for the postponement, “has not been implemented by industry stakeholders so far.”
The new regulations have had an impact on the ability of overseas corporations to take payments, despite the fact that several of these companies already have significant operations in India. As Apple is not currently compatible with the standards for card storage, the business has discontinued the practise of accepting credit cards in favour of requesting that users utilise UPI to add funds to their Apple wallets in order to make transactions possible.
The Reserve Bank of India (RBI) has encouraged the general public to participate in tokenization and has stated that about 19 crore tokens have already been produced. This amount is more than any payment service had expected it to be. The reasoning for this is based on the fact that corporations hold the credit card information of millions upon millions of customers.
In the event that a hacker obtains such information, there is a potential for massive fraud, and the process of reissuing cards would be an expensive one. Tokens may only be used at the original retailer to whom they were supplied, making them worthless at any other business. If the bank discovers that the token was obtained from a payee other than the intended one, it will refuse to process the transaction.