Your Tech Story

RBI

RBI

RBI Extends Tokenization Demand For Credit And Debit Cards By 6 Months, Providing Relief To Online Shoppers.

According to new Reserve Bank of India guidelines, e-commerce companies like Amazon and Flipkart, as well as online delivery aggregators like Zomato, will not be able to save card information on their platforms starting July 1, 2022. (RBI). Beginning next year, customers conducting online transactions on any e-commerce platform will be required to enter their debit or credit card information each time. Customers can, however, avoid the hassle by giving platforms permission to tokenize their cards.
To improve security, the RBI issued guidelines in March 2020 that prohibited merchants from saving customers’ card details. The regulatory body updated its guidelines on card tokenization services in September of this year to improve safety and security. The Reserve Bank of India (RBI) on Thursday extended the deadline for card tokenization until June 30, 2022, in response to repeated requests from industry stakeholders. Tokenization is the process of replacing credit and debit card information with an alternate code known as a “token.”

Because the card details are not shared with the merchant during transaction processing, tokenized cards are considered safe for online transactions. “The deadline for storing card on file (CoF) data has been extended by six months, to June 30, 2022,” the central bank said in a notice to all payment system operators, adding that all such data will be purged after the extended deadline expires.
The RBI had previously set a deadline of December 31, 2021, as the end date. Reserve Bank of India (RBI) had previously been requested by the Indian Banks Association (IBA) to extend the deadline for tokenizing. The main reason for the request for a delay in the tokenization deadline was that many small and medium-sized businesses lack the infrastructure to transition to the new system, even though banks are more or less prepared.

RBI
Image source: indianexpress.com

Tokenisation is the process of replacing credit and debit card information with an alternate code known as a “token.” Each card, token requestor, and device has its own token. The entity that accepts a customer’s request for tokenization of a card and forwards it to the card network for issuance of a corresponding token is known as the token requestor.

The cardholder can have his or her card tokenized by submitting a request through the token requestor’s app. Token requestors send their requests to the card networks, which issue tokens with the approval of the card issuer that correspond to the particular card, token requestor, and device.

So, what does this imply for a loyal customer? The following are ten key points to remember:

  1. Customers will be unable to save their debit or credit card information on any e-commerce platform beginning July 1, 2022.
  2. Every time a customer conducts an online transaction, they will be required to re-enter their card details.
  3. Customers can give e-commerce companies permission to “tokenize” their cards in order to avoid the hassle. E-commerce platforms will ask the card network to encrypt details with additional factor authentication if necessary after receiving a customer’s consent.
  4. Customers can save their cards for future transactions once the e-commerce platform receives the encrypted details.
  5. Most major e-commerce platforms can only tokenize Mastercard and Visa-issued cards for the time being. Other financial services cards are expected to be tokenized in the near future.
  6. For both credit and debit cards, the new RBI guidelines must be followed.
  7. International transactions are exempt from the new guidelines. The new RBI guidelines are only applicable to domestic cards and transactions.
  8. Customers will not be charged an additional fee for card tokenization.
  9. On e-commerce platforms, tokenized cards will be identified by the last four digits as well as the issuing bank and network name.
  10. Finally, card tokenization is not required. Customers can choose to tokenize their cards for faster transactions or enter their card information manually.

RBI

As A Result Of The RBI New Payments Rule, Tech Giants Brace For The Fallout In India.

As the central bank of the world’s second-largest internet market imposed a new directive. for how recurring payments are processed in this country, Apple, Sony, Google, Zoom, PayPal, and dozens of other technology companies, as well as dozens of banks, have warned customers and partners in India to expect an increase in rejected transactions.
The RBI has issued a directive that requires banks, financial institutions, and payment gateways to obtain additional approval from users for auto-renewable transactions worth more than 5,000 Indian rupees ($67) by providing notices, mandates, and Additional Authentication Factors (AF). The directive affects all those transactions for debit and credit cards.
The directive, which was first proposed in 2019, was supposed to go into effect in April of this year, but it was postponed until September 30 after banks and other stakeholders said they weren’t ready to comply.
Before deducting amounts for recurring payments, banks must now obtain account holder approval. The Reserve Bank of India (RBI) announced new self-debit rules on Friday as the next step in securing digital credit or debit card transactions. Recurring automatic payments for various top-ups and bills must now be protected with additional authentication factors under the new rules (AFA).
All banks, including RRBs, NBFCs, and payment gateways, have been ordered by the central bank to stop processing recurring domestic and cross-border transactions using cards, prepaid payment instruments (PPI), or Unified Payment Interfaces (UPI) without AFA.
Before deducting funds for certain purposes, banks must now get account holders’ permission. The new guidelines require banks to send customers a one-time password for recurring payments over $5,000.
Because banks were not yet ready to implement AFA, the deadline had to be pushed back several times. Recurring payments to utility service providers, as well as recharging of telephone, DTH, and OTT services, are all covered by the new car rule. The RBI directive on implementing AFA will cover all of these payments because they are now made through recurring deductions from registered bank accounts, UPI IDs, or digital wallets.
The new rules have been communicated to most banks’ customers. If you missed the announcement, here are five things to know about the RBI’s new automatic billing rules.

RBI
Image source: www.trustnodes.com

Early Accountholder Alert

Before deducting the amount from the registered account for recurring payments, banks must notify account holders 24 hours in advance. The reason for this is to ensure that customers are fully informed about all transactions involving their accounts. The bank will not be able to forward the money to the service provider unless the customer has acknowledged and completed the recurring payment.

One-Time Registration

If customers want to complete future transactions without additional authentication factors, they must first complete the registration process. Users will be able to make future transactions without having to repeat AFA, despite the fact that it appears to be an extra step. They can also specify a transaction’s validity period in the future.

OTPs For Auto-Debit

In accordance with the new direct debit rules, the bank must send a one-time password (OTP) to the account holder for recurring payments exceeding $5,000.

Choice To Opt-Out

Customers are not obligated to use AFA for recurring payments and can opt out at any time. The pre-debit notification that the bank will send to the customer to confirm automatic billing will also include a link that the customer can use to disable AFA. However, this will negate the additional security it provides.
Auto-Debits out of AFA
The new automatic debit rules will not affect permanent instructions to use an existing bank account for mutual funds, SIPs, or Equivalent Monthly Installment (EMI) for loans.