Page-header-breadcrumb
Breadcrumb
Tokenisation
What is Tokenisation
Tokenization is the replacement of the card number with an alternative number, referred to as a token. With tokenization, we will be able to convert customer’s card details into a token which can be further used to make secure payments via Jio pay, G-pay or contactless payment using NFC (Near Field Communications), MST (Magnetic Stripe Technology) etc.
Tokenization transforms card holder details into digital tokens. The purpose of tokenization is to swap out sensitive data—typically payment card or bank account numbers—with a randomized number (token) in the same format but with no intrinsic value of its own and the payment can be made with just a tap of your smartphone.
Benefits for You
- Two major key benefits- Improvements in consumer and ecosystem security and an enhanced checkout experience. Additionally, these new guidelines helps to enhance consumer trust in e-commerce payments, ensure a seamless transaction experience.
- The primary advantage is security– When customers swipe their credit or debit cards at the checkout counter, their card number is not stored in the merchant’s payment system when tokenization is used. Instead, these 16-digit card numbers get replaced with randomly generated token IDs.
- The functionality is designed to enhance the security of digital payments and simplify the customer buying experience when shopping on mobile or other smart devices.
- Customers will no longer have to deal with the hassle of a lost or stolen credit/debit
Get Started
E-commerce transactions can be processed in the following ways, effective Jan 01, 2022:
Option 1: Through Tokenisation of your Federal Bank Card:
- The introduction of Tokenisation enables processing of online transactions without exposing any sensitive card details that could potentially breach the security and privacy of customers
- E-commerce merchants (like Amazon/Zomato etc.) will prompt you to save your card details for future use, on visiting their website/App or at the time of making a purchase. You may provide your consent to save your card for future use by selecting/ticking the checkbox. If you are not opting to save your card in a secured manner, then you will be required to enter the full card details like 16 digit card number, expiry date and CVV number for each transaction.
- If you provide your consent to save your card, then the card details will be stored in a secured tokenised format.
- This token once generated can be used to make all future transactions, on that particular merchant website/App, without entering the full card details.
Option 2: By entering your Federal Bank Card details each time you make a transaction:
- If you choose not to tokenise your card, the merchant will not be able to store your card details.
- You will, however be able to make your purchases by entering the complete card details, ,during each transaction.
FAQs
- What is the new RBI Guideline on storing card credentials with online merchants?
As per RBI’s Guidelines on Regulation of Payment Aggregators and Payment Gateways, neither the authorised Payment Aggregators (PAs) nor the merchants can store customer card credentials within their database or server after 31st December.
Read more on: Reserve bank of India’s website
- What is a token? And how safe is it?
With respect to online merchants, a token is a 16-digit number unique for a combination of card, token requestor and merchant. Through tokenization your actual card details are replaced with token credentials which can be used only with the intended merchant. Also, each token requestor (Website/App/Merchants) is certified for safety & security as per international best practices / globally accepted standards.
- Is tokenisation of card mandatory for a customer?
No, a customer can choose whether or not to let his / her card tokenised. If not Tokenised, starting 1st Jan 2022, the card holder must enter the full card number, CVV and Expiry date every time to complete their online transactions.
- What would happen to customer’s actual card data stored with the online stores after the guideline is implemented?
After 31st December 2021, the actual card data would be deleted from the database of the merchants & the payment aggregators.
- What can you do to continue enjoying faster checkout experience you get with saved cards?
To continue enjoying faster checkout experience while ensuring security, kindly provide consent to
the online merchants to save the card in a the form of a token.
- Is Tokenisation applicable for International Card on File transactions?
No. Tokenisation is applicable only for Domestic transactions.
- Is the Tokenisation guideline applicable for both Credit and Debit cards?
Yes. Starting 1st Jan 2022, both Debit and Credit cards have to be tokenised
- How to give customer consent?
The customers can provide the consent while:
1). Performing a transaction: Select/Tick the checkbox to provide customer consent to save the card credentials securely with the online merchant
2). Adding card with the online merchant:
Step 1: Add the card details [like card number, Expiry and CVV] and provide consent to save the card securely
Step 2: Enter the OTP received on the registered mobile number with the bank
- If you have added the same card credentials on separate accounts with a merchant, will suspending/deleting it from one account suspend/delete the other as well?
In this case, different tokens shall be created with the merchant and any action taken on one token will not impact the other.
- What is the difference between suspending & deleting a token?
With both, suspend or delete, a cardholder will not be able to perform any purchase transaction. However, when the token is suspended, it can be moved back to active status to reinitiate purchases, while deleting a token is of permanent nature and the cardholder would need to tokenise again to save payment credentials with the respective merchant.
- Do you need to remember which token belongs to which card?
At the merchant website/Application, the cardholder would continue to see the last 4 digits of the actual card number along with the card art (card image) and/or name of the bank to differentiate the respective cards. Kindly note the token number saved with the merchant would not be visible to the end user.
- If the card holder is having 3 different cards, then is the card holder expected to create 3 different tokens for the same merchant.
Yes, Token must be unique for a combination of card and merchant.
- Can the customer select the card to be used in case he / she has more than one card tokenised?
For performing any transaction, the customer shall be free to use any of the cards registered with the token requestor / merchant.