Are e-commerce players ready for RBI’s tokenisation deadline?

In the course of your online transactions, you would have read about Tokenization, even if you did not understand it. I’m sure many of you would have seen this somewhere but would have skipped it without knowing what exactly this is. Remember the “Secure your card as per RBI guidelines” message prompt when you check out your cart while buying something online using your card? The RBI has requested all the banks to create tokens for our debit and credit card information. 

What exactly is tokenization

When you are shopping online with your debit or credit card, instead of our card details like name, number, CVV, etc., it’ll all be replaced by a “token”  which the bank will issue. You will get an SMS like, “As per RBI guidelines on card storage, your Axis Bank card credentials have been tokenized for Mandate ID…” or something like this. But why this? How is this helpful? 

This is a new move by the RBI to hide the customer card details from the merchants or even the payment gateway. By default, e-commerce websites or other online stores save your card details except for the CVV number. They will have your name, your card number, and the card’s expiry date. After you enter your CVV number, it’ll either ask for your OTP or your password. Well, now things are going to change because of this tokenization.

This is a secure move since we don’t have to worry about our credit card information being misused elsewhere by anyone without our knowledge. Your entire card details will be replaced by this single token. This will be a unique and secure token.

Let’s say you regularly shop on example.com using your credit card, and all of a sudden, one day, it gets hacked. What happens next? All your card details will be available on the black market for sale. With this new tokenization, we can actually avoid all this because it’s hard to misuse this unique token. 

By when is tokenization mandatory in India 

The tokenization mandate from RBI requires it to be adopted from October 1. All the leading e-commerce giants, like Amazon, Paytm, etc., have been tokenizing for some time now since September 30th is the deadline for this RBI tokenization. But, the question arises whether we need an extension since small-scale businesses and merchants are still struggling with setting up their infrastructure.

Are all e-commerce platforms ready for RBI’s Tokenization deadline

Smaller merchants feel they need more time for complete testing and be confident that there would be no hiccups once tokenization comes into effect. In fact, hasty implementation when systems are not ready at the merchants’ end might result in loss of revenue or reverting to traditional ways of payments. 

Merchants also depend on payment aggregators/gateways for tokenization readiness. This dependence, confusion and the lack of testing of systems may lead to possible system slowdowns and even failure to complete transactions. 

While tokenization on the whole is good for the industry, and more secure for the customer, there has to be readiness all across. Not just the bigger e-commerce players, but all the smaller merchants need to be ready as well for tokenization to be beneficial to the industry. 

Leave a Comment