card tokenisation: Card tokenisation to be implemented from October 1, no further extension signals RBI

The Reserve Bank of India on Friday signalled that it would not extend the October 1, deadline for implementation for tokenisation of card based payments. Deputy governor T Rabi Sankar told reporters that the central bank would not hold back innovation because a few stakeholders weren’t prepared for implementation.

“The feedback that we have from virtually all stakeholders is that it (tokenisation) is perfectly ready,” Sankar said. “I believe there are a few participants who may not be ready, but that would largely be because of their unwillingness to comply. We don’t believe that we should hold back efforts to ensure customer protection because of such laggards. They might take a little bit of more time but all of them will come on to the framework soon enough.”

Sankar said that about 35 crore tokens have already been created and in September about 40% of transactions were undertaken using tokens, valuing at Rs 63 crores.

Central bank rules require all merchants to delete customer debit and credit card details before October 1 and replace card payments with unique tokens.

The RBI said in July it would not extend the timeline for storing card data and directed all stakeholders, except for card issuers and card networks, to purge the customer data before October 1. This is the third such extension in the past 18 months.

“Ever since we issued the regulations in March 2020 we have been constantly talking to all stakeholders to ensure that the transition to the tokenisation framework happens smoothly,” he said. “As you know we have given many extensions so that the system is comfortable switching over. We just wanted to ensure that customer safety doesn’t get compromised because of problems faced in the implementation of tokenisation.”

Tokenization is a process by which card details are replaced by a unique code or token, allowing online purchases to go through without exposing sensitive card details.

ET had recently reported that top merchants had approached the regulator to direct banks, payment aggregators and card networks to ensure that recurring token based payments are tested widely to avoid disruptions.

Without directly seeking an extension, the Merchant Payments’ Alliance of India (MPAI) had requested the RBI to mandate system participants to demonstrate the same level of success rate in token and card-based payments in a letter dated September 26. The letter also requested that all existing e-mandates based on card details be immediately transferred to tokens.