The RBI guideline on Card Tokenisation prohibits businesses, payment aggregators, payment gateways and acquiring banks from saving customer card details. Card networks & Card issuers are the only parties that can now save card data. This is effective July 1st, 2022.
Merchants can continue enabling seamless payments for their customers by allowing them to “save” their card details through the tokenisation mechanism. Merchants who do not adopt a tokenisation solution post 30th June 2022, will no longer be able to offer saved cards experience to customers on the checkout page. This will lead to:
- Poor customer experience, as customers will now have to input card details everytime they make a payment
- Increase in drop offs at the checkout page leading to decline in revenues. Businesses providing a saved card experience to customers see up to a 4% increase in conversions.
- Loss of market share to competitors who might offer the tokenisation solution via Razorpay, thus providing a superior customer experience.
- Inability to offer personalized offers to customers on the checkout page.
Card tokenisation is the process by which the original 16 digit card numbers / Primary Account Number (PAN) is replaced with a random string of 16 digit numbers called a “token.” These tokens are managed between the Token Requestor and the Network and allows customers to store their card details in a secure and compliant fashion.
- Card Tokenisation safeguards customers’ card data, thereby reducing the possibility of data breaches or card frauds.
- Fewer instances of card fraud leads to greater customer confidence in cards as a payment methods and in digital payments as a whole. From a long-term perspective, these guidelines are very beneficial.
Merchants can continue to store the last 4 digits of the actual card number and a card issuer name for tracking/analytical purposes.
Card networks & Card issuers are the only parties that can now save plain text cards. All other parties (PA, PG, Acquiring banks and Merchants) can only have a tokenized card and can’t save a plain text card.
Yes, Customer consent and additional factor of authentication (AFA) is required for saving a card / creating a token. This can be the same 2FA used during the first transaction
This token can be used for processing payments via other Payment Gateways as well. You may additionally use our Optimizer product to route payments through any PA/PG without any change in integrations.
The RBI guideline on Card Tokenisation prohibits businesses, payment aggregators, payment gateways and acquiring banks from saving customer card details. Card networks & Card issuers are the only parties that can now save card data. This is effective July 1st, 2022.
Merchants can continue enabling seamless payments for their customers by allowing them to “save” their card details through the tokenisation mechanism. Merchants who do not adopt a tokenisation solution post 30th June 2022, will no longer be able to offer saved cards experience to customers on the checkout page. This will lead to:
- Poor customer experience, as customers will now have to input card details everytime they make a payment
- Increase in drop offs at the checkout page leading to decline in revenues. Businesses providing a saved card experience to customers see up to a 4% increase in conversions.
- Loss of market share to competitors who might offer the tokenisation solution via Razorpay, thus providing a superior customer experience.
- Inability to offer personalized offers to customers on the checkout page.
Card tokenisation is the process by which the original 16 digit card numbers / Primary Account Number (PAN) is replaced with a random string of 16 digit numbers called a “token.” These tokens are managed between the Token Requestor and the Network and allows customers to store their card details in a secure and compliant fashion.
- Card Tokenisation safeguards customers’ card data, thereby reducing the possibility of data breaches or card frauds.
- Fewer instances of card fraud leads to greater customer confidence in cards as a payment methods and in digital payments as a whole. From a long-term perspective, these guidelines are very beneficial.
Merchants can continue to store the last 4 digits of the actual card number and a card issuer name for tracking/analytical purposes.
Card networks & Card issuers are the only parties that can now save plain text cards. All other parties (PA, PG, Acquiring banks and Merchants) can only have a tokenized card and can’t save a plain text card.
Yes, Customer consent and additional factor of authentication (AFA) is required for saving a card / creating a token. This can be the same 2FA used during the first transaction
This token can be used for processing payments via other Payment Gateways as well. You may additionally use our Optimizer product to route payments through any PA/PG without any change in integrations.