Tokenisation, which replaces sensitive card information, like card number, card expiry with a cryptographically-generated random string, is one of the key steps taken by RBI recently to secure digital transactions. More on that and other steps by the central bank to prevent Indians falling into a digital debt trap.
Indians are increasingly going for digital payments. New-age solutions such as Unified Payment Interface (UPI) and digital lending are doing the rounds, while transactions through credit, debit and prepaid cards are also becoming more popular with an array of partner offers and exclusive deals making them attractive.
In light of this surge in digital payments, the Reserve Bank of India (RBI) has taken several steps to enhance payments security.
“As more and more people hop on the digitalization bandwagon with respect to monetary transactions, it becomes extremely important to safeguard the customers’ banking data while also ensuring a hassle-free transactional experience,” said Shatrughan Sharma – Global Head – Payment Security, Wibmo – a PayU company, while talking to CNBC-TV18.com.
Let’s take a detailed look at the recent steps by RBI
With its latest tokenisation regulation, RBI has made sure that the infrastructure supporting payment systems are not only functional and efficient but also resilient to new threats, particularly those related to cyber security, said Amit Kumar, Chief Technology Officer at .Easebuzz
Tokenisation plays a key role in not only making the payment transaction experience more secure for the end user, but also in helping merchants deliver a consistent user experience and higher transaction approval rates while ensuring security and speed.
“RBI’s mandate for card-on-file tokenisation is a mark of enhanced focus on building a robust, tech-enabled financial ecosystem to benefit consumers and merchants alike through more secure transactions and better transaction approval rates,” Sharma told CNBC-TV18.com.
Tokenisation replaces sensitive card information, like card number, card expiry with a cryptographically-generated random string, referred to as the card token. Once a card is tokenised, the generated card token can be used for processing payments as a substitute to card details, thus eliminating risk of loss of sensitive card information while making card payments
It is also supported for contactless card transactions, payments through QR codes, apps etc, making it more flexible to adopt on various payment modes. At this point, the tokenisation of cards is not mandatory for a customer, but it is highly recommended to use the tokenisation option during payments for enhanced security.
“For a vast demography like India, tokenisation is a fundamental shift that calls for participation from all the stakeholders in the payment ecosystem – acquirers, issuers, card networks, banks, and fintechs, among others – in a bid to ensure a secure digital payment environment,” Sharma said.
Digital lending framework
Under the rule, the central bank has asked lenders to disclose all the charges in a loan to the borrower. All the loan-related transactions will now happen between the borrower’s bank account and the regulated entity while eliminating any role for the third parties.
(Edited by : Shoma Bhattacharjee)
First Published: IST