Thursday, 20 January 2022

New Rules set to change for online payment from 1st January

New Rules set to change for online payment from 1st January

With the rise in the digital entry in the country, more and more people are using online payments to book cabs, shop, or order food. But the digital world is full of warning from cybercriminals who are always waiting to access users' data.

To provide better security to people and make online payments safer, the Reserve Bank of India has asked all merchant and payment gateways to remove delicate customer details and debit and credit cards saved on their end.

New rules come into effect from January.

What does this mean?

After the order from the RBI, the merchants and payment gateways will have to delete all the information stored on their servers. A user will have to enter the full card details to make payments on merchant websites.

All Banks have started informing the customers about the changes coming into effect. One of the leading private banks, HDFC, has been sending text messages to its customers that they will either enter full card details or opt for tokenization.

What is tokenization?

According to the current system, the transaction execution is based on the correct values of the 16-digit card number, card expiry date and the CVV, and the one-time password or OTP (in some cases transaction PIN too). Tokenisation replaces the actual card number with an alternative code, called the "tokens."

It is unique for a combination of card, token requestor (i.e., the entity which accepts these request from the customer for tokenization of a card and passes it on to the card network to issue a corresponding token), and device (referred hereafter as "identified device").

New Rules set to change for online payment from 1st January 1unsplash image

Read More: ATM cash withdrawals to be costlier from 1st January

How is tokenization safer?

According to RBI, a tokenized card transaction is safer as the card details are not shared with the merchant during transaction processing.

It further said that actual card data, tokens, and other relevant details are stored securely by the authorized card networks. A token requestor cannot store Primary Account Number (PAN), i.e., card number or any other card detail. Card networks are also mandated to certify the token requestor for safety and security that conform to international best practices/globally accepted standards.

The central bank also said that converting the token back to actual card details is known as de-tokenization. The customer doesn't need to pay any charges for availing of this service.

What will change from 1st January?

From 1st January onwards, when you make the first payment to any merchant, you will need to give them your consent with an additional factor of authentication (AFA). Once done, you will complete the payment by keying in your card's CVV and OTP.

Follow Us

Popular Post

Delhi cold for a sixth consecutive day, IMD says relief likely soon

Delhi cold for a sixth consecutive day, IMD says relief like…

Farhan Sayyed Jan 18, 2022 Politics

Many Parts of Delhi recorded cold day conditions for the sixth consecutive day on Tuesday. Overcast skies and low clouds swing over the city even as I...