RBI plans to introduce card-on-file tokenization (CoFT) at issuer banks, enhancing e-commerce security by replacing card details with secure codes.
- RBI proposes to implement card-on-file tokenisation (CoFT) at issuer banks.
- Current CoF tokens can only be created via a merchant’s app or webpage.
- Move expected to revolutionize India’s e-commerce scene, enhancing transaction security.
- Tokenisation shields actual card details with a substitute code, boosting safety.
In a move that signals a transformative shift in the security of online transactions, the Reserve Bank of India (RBI) has proposed to enable card-on-file tokenization (CoFT) directly at the issuer bank level, heightening the security and convenience of digital commerce transactions across the country.
Until now, the creation of CoF tokens has been confined to the domain of merchants, only executable through a specific application or webpage. However, the RBI, through this innovative proposal, aims to provide cardholders with an enriched layer of security and practicality by allowing them to generate tokens linked to their accounts, straight from their issuer banks.
RBI update: Card-on-file tokenization extended:
The RBI has extended the card-on-file tokenization or token creation facility at the level of the issuer bank.
The token creation facility was earlier available only through merchant applications or websites.
— V S Vadivel FCA (@vsvadivelfca) October 6, 2023
RBI on Tokenization
Tokenization acts as a robust security mechanism, substituting actual card details with a unique code or “token”. This ensures that during tokenized card transactions, vital card details remain undisclosed to merchants, thereby fortifying the safety quotient of digital transactions. Notably, this method has been commended for its additional layer of protection over card credentials, which are conventionally more exposed during standard card transactions.
CFO of NTT DATA Payment Services India, Rahul Jain, spotlighted the minimum hurdles for issuer banks adopting this approach, given that many can employ the pre-established unified payment framework for token creation. Moreover, the implementation of CoFT at the bank level has been heralded as a watershed moment, not just for cardholders but also for the financial industry at large, elevating transactional security to new heights.
While the proposal from the RBI is undeniably a step in a progressive direction for safeguarding online transactions and bolstering e-commerce, it’s pivotal to acknowledge the transitional challenges and the requisite infrastructural adjustments needed for smooth implementation.
Additionally, from a user perspective, widespread awareness and education regarding the use and benefits of tokenisation are crucial to ensuring that the masses can leverage these advancements effectively and safeguard their transactions. For the e-commerce sector, this step may instill increased consumer confidence in online shopping and digital transactions, further propelling the industry’s growth.
As we observe this transformative juncture in India’s digital financial landscape, it’s imperative to stay vigilant and adaptive to the subsequent developments and shifts in the e-commerce and digital payment ecosystems. Consequently, the balancing act of advancing technological capabilities while maintaining user-friendly interfaces and experiences will be crucial in determining the success of such initiatives.