The Reserve Bank of India on 7th September 2021 has enhanced the existing card tokenization system to reinforce the safety and security of card data while continuing the convenience in card transactions.
As per the revised framework, the device-based tokenisation framework has been extended to Card-on-File Tokenisation (CoFT) services as well, and the card issuers have been permitted to offer card tokenisation services as Token Service Providers (TSPs). The tokenisation of card data shall be done with explicit customer consent requiring Additional Factor of Authentication (AFA).
The RBI had earlier permitted ‘tokenisation’ services, under which a unique alternate code is generated for transaction purposes, on mobile phones and tablets of cardholders.
