Even though digital payments are growing rapidly in India, a large part of our population is still not comfortable when it comes to providing debit and credit card details to the merchants, while shopping online. The main reason why cardholders are not comfortable with this is, they are worried about the card numbers being stored in the merchant’s payment system. They believe that these details can be misused by fraudsters.
As many citizens are worried about the security of the card details provided online, Reserve Bank of India (RBI) is working to improve the safety and security of card transactions. With the intention of making digital payments more secure, the RBI has allowed card networks like Visa and Mastercard opt for ‘tokenization’ in card transactions to token requestors, (third-party app provider).
This feature makes transactions through your debit and credit cards more secure and this boosts digital transactions in India.
Tokenization is the method of replacing card's primary account number (16-digit number printed on the card) with a unique alternative code or token. This makes sure shopper’s sensitive payment information is safe.
After the implementation of the Tokenization feature, the 16 digit number on your credit or debit card is masked and it will not be known to anyone including the merchant. You don't have to enter your card number, CVV, expiry date and so on.
All you have to do is generate a token and make the payment. The merchant will store a 'token' created against your card number. The token generated will be de-tokenized at the card network back-end to initiate payments to the merchant.
To add the feature of tokenization on all the cards, the card networks like Mastercard or Visa will approach all the credit card and debit card issuers.
1. If you have to make payments on an online shopping portal, you have to enter the 16-digit card number. For instance: 1586 4444 3662 14111.
As soon as you enter your card number a token number will be created for your card number.
For instance: 1$43#&5##+=.
The merchant system stores only a token number, not your card number.
2. This token will be sent to the Payment Processor of card networks and it is the only readable link in the whole system.
3. Once it is sent to the Payment Processor, it will be de-tokenized and the payment will be made to the merchant.
These tokens have high-security features. Once the token is issued, nobody can reverse the token to find the original card number other than the cardholder himself.
See Also: How to get a Digital Signature?
As frauds are increasing in India, RBI is taking many steps to curb frauds and make digital payments more secure. While shifting from magnetic stripe card to EMV card helps in reducing fraud on the ATM side, tokenization will help in reducing the frauds that take place while making online payments.