Merchants, companies can’t store card data from Jan 1: RBI
Red Book
Red Book

Pre-cum-Mains GS Foundation Program for UPSC 2026 | Starting from 5th Dec. 2024 Click Here for more information

What is the News?

Reserve Bank of India(RBI) has directed that no entity or merchant, other than card issuers and card networks, should store card details — or card-on-file (CoF) — from January 1, 2022. Simultaneously, it has also extended the tokenisation of CoF by card issuers.

Reasons for RBI’s Ban on Storing card data

The merchants, payments aggregators, and even payment gateway players who get to store the card data are not registered with the RBI

Hence, the objective of the RBI’s decision is to create a better security framework for digital transactions, which have accelerated post the pandemic.

What is the solution then?

RBI has permitted authorised card networks to offer card tokenization services to any token requestor. This will make the card transactions more safe, secure and convenient for the users. 

Read more: RBI permits card-tokenization services in a bid to make card transactions more safe
RBI’s Guidelines on Tokenization

The facility of tokenisation will be offered by the token service providers(TSPs) only for the cards issued by or affiliated with them.

Tokenization of card data shall be done with explicit customer consent, requiring additional factor authentication by the card issuer.

What is a Card on File(CoF) Transaction?

Card on File(CoF) Transaction is a transaction where a cardholder has authorised a merchant to store the cardholder’s Mastercard or Visa payment details.

Source: This post is based on the article Merchants, companies can’t store card data from Jan 1: RBI published in Indian Express on 8th September 2021.


Discover more from Free UPSC IAS Preparation For Aspirants

Subscribe to get the latest posts sent to your email.

Print Friendly and PDF
Blog
Academy
Community