How to tokenise your debit, credit card in 6 steps

The Reserve Bank of India (RBI) has mandated that all credit and debit card data be replaced by unique tokens online, at point-of-sale, and in-app transactions by September 30, 2022.

By Sneha Kulkarni, ET Online | Updated: Nov 01, 2022, 02.34 PM IST

The Reserve Bank of India (RBI) has mandated that all credit and debit card data online, point-of-sale, and in-app transactions be replaced with unique tokens by September 30, 2022 (extended from June 30, 2022)

Cardholders’ payment experience will be enhanced through an added layer of security by way of tokenisation. According to the RBI, “Tokenisation refers to replacement of actual card details with an alternate code called the “token”, which shall be unique for a combination of card, token requestor (i.e. the entity which accepts request from the customer for tokenisation of a card and passes it on to the card network to issue a corresponding token) and devic (referred hereafter as “identified device”)

This additional time frame may be used by the industry for the following purposes.

(a) facilitating the readiness of all stakeholders to handle tokenized transactions.
(b) processing tokenized transactions.
(c) putting in place alternative mechanism(s) to handle all post-transaction activities (including chargeback handling and settlement) related to guest checkout transactions that currently involve or require storage of CoF data by entities other than card issuers and card networks.
(d) educating the public about the creation of tokens and the use of them in transactions.

Also read: Is there a limit on number of cards that can be tokenised?
Also read: Pay for your Uber ride using debit, credit card? How to tokenise your card on Uber

Here are six simple steps to tokenise your card as per an RBI tweet:

As per RBI's tweet: “Want to generate a token for your debit/ credit card? Follow these 6 simple steps to tokenisation. It’s simple, it’s safe, it’s convenient.”

.@RBI Kehta Hai..Want to generate a token for your debit/ credit card? Follow these 6 simple steps to tokenisation… https://t.co/iRhCGraivS
— RBI Says (@RBIsays) 1658898326000

Step 1: Start

Visit any e-commercial merchant website or application to make a purchase and start a payment transaction.
Step 2: Choose your card
During check out, enter details of your debit, credit card saved earlier as payment method and enter other details.
Step 3: Secure your card

Select the option “secure your card as per RBI guidelines” or ‘tokenise your card as per RBI guidelines”
Step 4: Give consent to create token
Enter OTP sent to your mobile phone or email by your bank and compete the transaction.
Step 5: Generate token
Your token has been generated and saved instead of actual details of your card
Step 6: Tokenised
When you visit the same website or application again, the last four digits of your saved card are displayed to help you identify your card for doing the payment. Tokenised!

11 FAQs answered on tokenisation of credit, debit cards

1/12

The Reserve Bank of India (RBI) had extended the deadline for tokenisation of debit and credit cards to September 30, 2022. As per the RBI mandate, from October 1, 2022, full card number, CVV and expiry date and any other sensitive information related to cards cannot be stored by merchants for processing online transactions. According to the RBI, “Tokenisation refers to replacement of actual card details with an alternate code called the “token”, which shall be unique for a combination of card, token requestor (i.e. the entity which accepts request from the customer for tokenisation of a card and passes it on to the card network to issue a corresponding token) and device (referred hereafter as “identified device”). According to the Canara Bank website, these are the Frequently Asked Questions (FAQs) on Card-on-File Tokenization (CoFT) for card transactions.