The regulatory body of all Indian banks called the Reserve Bank of India has ordered all the merchants not to store customers’ sensitive credit and debit card information starting next year.
In fact, the apex bank has asked Amazon, Flipkart, and Zomato to delete all the card information stored earlier.
The RBI has said, instead of using sensitive card information, merchants should use the tokenization system.
In a tokenization system, the sensitive card information is replaced by a 16 digit unique code just like the card number. This 16-digit unique code is called a token.
The token encrypts all the necessary information required to make a purchase.
It will be issued by the card networks like Visa, Mastercard, RuPay, etc to the banks.
A token is generated by the combination of information from card and merchant. Since the card information is always the same and we could initiate a transaction from different merchants, a token will be different for different merchants. That means tokens are merchant-specific.
A consumer won’t even know their token details. However, every time they have to make a purchase, they need to enter their card information which will not be saved by the merchants on their server.
Making online transactions using a tokenization system isn’t new, it is already being used in UPI transactions. That’s why as of now, UPI is the safest way of making an online transaction.
One thing to note here is, tokenization system is applicable only for domestic transactions.
The benefit of Tokenization System
It is said, the tokenization system will reduce online theft and fraud as merchants will not store the card details. Hence, in the future, if a merchant’s server faces any data breach, the card details of the customers will not be exposed.