New Delhi: The Reserve Bank of India (RBI) on Thursday prolonged the card-on-file (CoF) tokenisation deadline by six months to June 30, 2022, in view of varied representations obtained from trade our bodies.
Card-on-file, or CoF, refers to card info saved by fee gateway and retailers to course of future transactions.
The earlier deadline was December 31, 2021.
“In light of various representations received in this regard, we advise…The timeline for storing of CoF data is extended by six months, ie., till June 30, 2022 and post this, such data shall be purged,” RBI stated in a notification addressed to all fee system suppliers and fee system contributors.
In addition to tokenisation, it stated, “Industry stakeholders may devise alternate mechanism(s) to handle any use case (including recurring e-mandates, EMI option, etc.) or post-transaction activity (including chargeback handling, dispute resolution, reward/ loyalty programme, etc.) that currently involves/requires storage of CoF data by entities other than card issuers and card networks.”
Under tokenisation companies, a singular alternate code is generated to facilitate transactions by playing cards.
The RBI in September prohibited retailers from storing buyer card particulars on their servers with impact from January 1, 2022, and mandated the adoption of CoF tokenisation as a substitute for card storage.
Citing a number of operational challenges, trade associations ‘Merchant Payments Alliance of India (MPAI) and Alliance of Digital India Foundation (ADIF)’ had requested the RBI to increase the December 31 deadline for implementation of norms associated to tokenisation of card transactions.
MPAI is a consortium of retailers who settle for digital funds and counts Microsoft, Netflix, Spotify, Zoom, BookMyShow, Disney+Hotstar, Policybazaar and Times Internet amongst its members.
Alliance of Digital India Foundation (ADIF) is a think-tank for digital start-ups, whose members embrace Paytm, Matrimony.Com, GOQii and MapmyIndia.
Citing the comfort and luxury issue for customers whereas endeavor card transactions on-line, many entities concerned within the card fee transaction chain retailer precise card particulars.
Some retailers power their prospects for storing card particulars.
Availability of such particulars with numerous retailers considerably will increase the danger of card knowledge being stolen. In the latest previous, there have been incidents the place card knowledge saved by some retailers have been compromised/ leaked.
Any leakage of CoF knowledge can have critical repercussions as a result of many jurisdictions don’t require an AFA for card transactions, the RBI stated including that stolen card knowledge will also be used to perpetrate frauds inside India by social engineering methods.
The RBI had in March 2020 had stipulated that authorised fee aggregators and the retailers onboarded by them shouldn’t retailer precise card knowledge with a view to minimise weak factors within the system. On a request from the trade, it prolonged the deadline to end-December 2021 as a one-time measure. Also Read: HSBC AMC to accumulate L&T Mutual Fund for Rs 3,192 crore
The tokenisation of card knowledge, nonetheless, shall be accomplished with specific buyer consent requiring AFA, the RBI had stated. Also Read:Â Brokerage agency bullish on THIS Rakesh Jhunjhunwala portfolio inventory; predicts 20% return
#mute
