Industry Bodies Urge RBI To Extend Card Tokenisation Deadline
IANS 22 December 2021
The Merchant Payments Alliance of India (MPAI) and the Alliance of Digital India Foundation (ADIF) on Wednesday urged the Reserve Bank of India (RBI) to extend the card-on-file (CoF) tokenisation deadline of 31st December for merchants.
 
Citing several operational challenges that will hinder the transition to the token-based payments ecosystem, the industry bodies voiced their concerns over industry readiness on the RBI directive on card-on-file tokenisation.
 
MPAI and ADIF said that 'ecosystem readiness' is a sequential process of going live with stable API (application programming interface) documentation for tokenised transactions.
 
The digital payments ecosystem is a long way from consumer-ready solutions and, unless regulated entities are compliant, merchants will not be able to successfully process tokenised transactions, they said in the joint letter.
 
"In the scenario that banks are lax on preparedness, the brunt of that will be borne by merchants in the form of loss of revenue - we are looking at revenues losses of anywhere between 20-40 per cent at the minimum should that be the case," said Sijo Kuruvilla George, executive director, ADIF.
 
RBI in September prohibited merchants from storing customer card details on their servers with effect from 1 January 2022, and mandated the adoption of CoF tokenisation as an alternative to card storage.
 
The industry bodies said that, if implemented in the present state of readiness, the new RBI mandate could cause major disruptions and loss of revenue, especially for merchants.
 
"This unpreparedness will impact recent digital payments adopters even deeply. The frequency and intensity of phishing attempts will go as entire card details are to be entered for each transaction, causing a significant increase in irreversible fraudulent transactions," said Vishal Mehta, chair of governing council, MPAI.
 
Based on the set of guidelines that have been mandated by RBI, sensitive customer information is to be stored in the form of an encrypted 'token' to help secure transactions.
 
These tokens then allow payments to be processed without disclosing the customer details or allowing the payment intermediaries to store customer data that could breach security and privacy.
 
Disclaimer: Information, facts or opinions expressed in this news article are presented as sourced from IANS and do not reflect views of Moneylife and hence Moneylife is not responsible or liable for the same. As a source and news provider, IANS is responsible for accuracy, completeness, suitability and validity of any information in this article.
Comments
Free Helpline
Legal Credit
Feedback