Focus on business growth while we do the heavy lifting

One unified solution for multiple card issuers & networks
ultimate convenience
100% compliant
Assign tokens that act as proxies for card details, without compromising on privacy.
access save cards
Easily auto-enabled
No integration needed for Standard Checkout & Custom UI accounts.
increase security
Convert customers faster
Leverage 11mn+ saved cards and offer customers a seamless payment experience.
increase conversion
No business disruptions!
Ensure continuity for your business growth, without a glitch.

Card Tokenisation Explained

works illustrationworks illustration
Card Tokenisation is the process whereby the original card number is replaced with a surrogate value called a token. The relationship between the token number and the original card number is stored in a vault owned by either the card network or the issuing bank.
Razorpay acts as a Token Requestor, connecting businesses to card networks and’/or issuing banks. Alternately, if a business is a Token Requestor, Razorpay still acts as a layer connecting the business with card networks and/or issuing banks.
Want to learn more?
Talk to our Experts Today

We’ve got you covered!

Here’s a sneak peek into what we are building for our industry!
increase conversion

Powerful tracking & reporting

Track & control token requests, create custom reports and more from our intuitive dashboard.
increase conversion

Flexible across payment systems

Integrate with us and seamlessly create & use tokens across all payment gateways.
increase security

Highly scalable APIs

Scalable and developer-friendly APIs capable of supporting high traffic volumes.

Frequently Asked Questions

FAQs

What does the RBI guideline say?
What does the RBI guideline say?

The RBI guideline on Card Tokenisation prohibits businesses, payment aggregators, payment gateways and acquiring banks from saving customer card details. Card networks & Card issuers are the only parties that can now save card data. This is effective July 1st, 2022.

Why do merchants need Razorpay’s tokenisation solution?
Why do merchants need Razorpay’s tokenisation solution?

Merchants can continue enabling seamless payments for their customers by allowing them to “save” their card details through the tokenisation mechanism. Merchants who do not adopt a tokenisation solution post 30th June 2022, will no longer be able to offer saved cards experience to customers on the checkout page. This will lead to:

  • Poor customer experience, as customers will now have to input card details everytime they make a payment
  • Increase in drop offs at the checkout page leading to decline in revenues. Businesses providing a saved card experience to customers see up to a 4% increase in conversions.
  • Loss of market share to competitors who might offer the tokenisation solution via Razorpay, thus providing a superior customer experience.
  • Inability to offer personalized offers to customers on the checkout page.

How does card tokenization work?
How does card tokenization work?

Card tokenisation is the process by which the original 16 digit card numbers / Primary Account Number (PAN) is replaced with a random string of 16 digit numbers called a “token.” These tokens are managed between the Token Requestor and the Network and allows customers to store their card details in a secure and compliant fashion.

What are the benefits of tokenisation?
What are the benefits of tokenisation?

  • Card Tokenisation safeguards customers’ card data, thereby reducing the possibility of data breaches or card frauds.
  • Fewer instances of card fraud leads to greater customer confidence in cards as a payment methods and in digital payments as a whole. From a long-term perspective, these guidelines are very beneficial.

What information can merchants continue to store?
What information can merchants continue to store?

Merchants can continue to store the last 4 digits of the actual card number and a card issuer name for tracking/analytical purposes.

Who can save cards as per the new guidelines?
Who can save cards as per the new guidelines?

Card networks & Card issuers are the only parties that can now save plain text cards. All other parties (PA, PG, Acquiring banks and Merchants) can only have a tokenized card and can’t save a plain text card.

Is customer consent required for saving / creating a token?
Is customer consent required for saving / creating a token?

Yes, Customer consent and additional factor of authentication (AFA) is required for saving a card / creating a token. This can be the same 2FA used during the first transaction

Can this token be used along with other payment gateways?
Can this token be used along with other payment gateways?

This token can be used for processing payments via other Payment Gateways as well. You may additionally use our Optimizer product to route payments through any PA/PG without any change in integrations.

What integration changes do I need to do as a Razorpay merchant?
What integration changes do I need to do as a Razorpay merchant?

  • Businesses using standard checkout: No integration effort needed. Razorpay TokenHQ has been auto-enabled for these businesses.

  • Businesses using custom checkout: No integration effort needed. TokenHQ will be available on demand, reach out to your Account POCs or fill this form to get started.

  • Businesses using API Integrated checkout (S2S): 0-3 weeks of integration effort depending on the current integrations with Razorpay and number of APIs. Reach out to your Account POCs or fill this form to get started.
  • What does the RBI guideline say?

    The RBI guideline on Card Tokenisation prohibits businesses, payment aggregators, payment gateways and acquiring banks from saving customer card details. Card networks & Card issuers are the only parties that can now save card data. This is effective July 1st, 2022.

    Why do merchants need Razorpay’s tokenisation solution?

    Merchants can continue enabling seamless payments for their customers by allowing them to “save” their card details through the tokenisation mechanism. Merchants who do not adopt a tokenisation solution post 30th June 2022, will no longer be able to offer saved cards experience to customers on the checkout page. This will lead to:

    • Poor customer experience, as customers will now have to input card details everytime they make a payment
    • Increase in drop offs at the checkout page leading to decline in revenues. Businesses providing a saved card experience to customers see up to a 4% increase in conversions.
    • Loss of market share to competitors who might offer the tokenisation solution via Razorpay, thus providing a superior customer experience.
    • Inability to offer personalized offers to customers on the checkout page.

    How does card tokenization work?

    Card tokenisation is the process by which the original 16 digit card numbers / Primary Account Number (PAN) is replaced with a random string of 16 digit numbers called a “token.” These tokens are managed between the Token Requestor and the Network and allows customers to store their card details in a secure and compliant fashion.

    What are the benefits of tokenisation?

    • Card Tokenisation safeguards customers’ card data, thereby reducing the possibility of data breaches or card frauds.
    • Fewer instances of card fraud leads to greater customer confidence in cards as a payment methods and in digital payments as a whole. From a long-term perspective, these guidelines are very beneficial.

    What information can merchants continue to store?

    Merchants can continue to store the last 4 digits of the actual card number and a card issuer name for tracking/analytical purposes.

    Who can save cards as per the new guidelines?

    Card networks & Card issuers are the only parties that can now save plain text cards. All other parties (PA, PG, Acquiring banks and Merchants) can only have a tokenized card and can’t save a plain text card.

    Is customer consent required for saving / creating a token?

    Yes, Customer consent and additional factor of authentication (AFA) is required for saving a card / creating a token. This can be the same 2FA used during the first transaction

    Can this token be used along with other payment gateways?

    This token can be used for processing payments via other Payment Gateways as well. You may additionally use our Optimizer product to route payments through any PA/PG without any change in integrations.

    What integration changes do I need to do as a Razorpay merchant?

  • Businesses using standard checkout: No integration effort needed. Razorpay TokenHQ has been auto-enabled for these businesses.

  • Businesses using custom checkout: No integration effort needed. TokenHQ will be available on demand, reach out to your Account POCs or fill this form to get started.

  • Businesses using API Integrated checkout (S2S): 0-3 weeks of integration effort depending on the current integrations with Razorpay and number of APIs. Reach out to your Account POCs or fill this form to get started.
  • Have more queries?
    Get a free consultation from our experts!
    Request a Meeting

    Supercharge your business with Razorpay

    Sign up now to experience the future of payments and offer your customers the best checkout experience.

    • Quick Onboarding
    • Access to entire product suite
    • API access
    • 24x7 support
    Sign Up