Priyanka Pani

Next time you make an online purchase, you may not be required to key in your card details or fear financial fraud while carrying out the transaction. The Reserve Bank of India’s recent decision to alllow tokenisation of debit and credit cards offers consumers the choice to make secure digital payments from a variety of connected devices. In the offline mode, it will work through QR code.

Tokenisation is an advanced form of OTP (one-time password). This replaces a plastic debit or credit card’s 16-digit primary account number with an unique alternate code, or token, so that hackers find it difficult to extract financial data. At present, users have to store credit card details on a number of online sites to make payments.

In the new system, customers will receive a number on their smartphones to authorise a transaction. This number will be generated by the card company through a complex algorithm using the card owner’s details and the transaction underway. This number will vary for every transaction. In order to get a token, the customer has to attach his or her debit/credit card to the apps that are complied with the RBI’s tokenisation guidelines.

However, the RBI has not made it mandatory for merchants and third-party apps for now. Those who want to avail the technology will have to take the tokenisation service from players such as MasterCard, RuPay and Visa. However, it is not clear if the card network companies will charge for the service.

Experts feel that while this process will eliminate the huge costs that merchants, payment gateways and third-party apps had to incur in the process to store the encrypted card data of the customers.

“For most of the payment gateways and online merchants it is a huge cost to safely store card data. It is one of the biggest cost for all the payment companies. Now, they are not expected to do that. Also, it elimiates the risk of fraud and, hence, the customer benefits the most,” said Mandar Agashe of Sarvatra Technologies which provides financial technology to banks and NBFCs. Naveen Surya, Chairman Emeritus of PCI (Payment Council of India) said tokenisation will massively reduce the cost of fraud, which is the amount that any bank has to write-off in case of a financial theft. Industry experts peg the cost of fraud to be in range of 10-20 bps of the value of the transaction.

“The move is also in line with the Digital India agenda, and exemplifies the efforts by the regulator to decrease fraud. We expect this move to increase the share of digital payments in everyday use-cases – grocery, fuel and transit,” according to a statement by MasterCard.

Mastercard offers this service in 50 countries with more than 1,500 banks that work with companies such as Samsung, Google, Apple, Fitbit, Garmin, and several others. Mastercard said it is working with all stakeholders in the Indian payments ecosystem – banks, merchants, PSPs and acquirers – to make sure that every card is token-ready.

Niranjankumar Laxman Upadhye, General Manager-Fraud Risk Management, Worldline India, said: “Tokenisation will make card payments secure by devaluing card information. A tokenised value is of no use to someone who wants to misuse a card account, as it is specific to a user and a merchant.”

Vivekanand Sangle, AVP of New Initiatives at Electronic Payments & Securities Pvt Ltd (EPS), said: “High spending segment will find it safe and secure to make payments such as in-app payments, or QR code-based payments. It is also a sweet music for all Internet-based businesses.”

With tokenisation in place, digital payments are likely to grow by 20-25 per cent, experts say.

comment COMMENT NOW