(This article was first published in The Times of India.)
From 1st January 2022, online businesses will not be allowed to store the debit card or credit card data of their customers unless they comply with RBI’s tokenisation guidelines.
Consumers might have come across messages such as “Save card for future use” on websites and apps in the past few days. E-commerce companies are taking this consent to store this data as per the new guidelines.
Even though the 31st December deadline might get extended, tokenisation is something that will eventually have to be implemented by online merchants.
What is tokenisation
Until now, card details are stored by merchants online or in cloud systems through an encrypted system. This means that merchants do have access to your card details. However, with tokenisation, card details will be stored through tokens.
The 16-digit credit or debit card number will be converted into unique codes. This set of code is called a token. This makes the storage of card details securer than before.
The Reserve Bank of India has come out with these guidelines to safeguard consumers from data theft and fraud. But this is good news for e-commerce companies as well because they won’t feel the pressure of safeguarding these details. In the tokenisation system, only the card network and issuing bank will have access to card data.
The saved cards feature has been an important part of the checkout flow for both consumers and merchants. The feature reduced the steps for consumers to make a payment on a website or app, which meant higher sales for e-commerce companies.
Without saved cards, there are chances of higher customer drop-offs at checkout. This is why e-commerce businesses should ensure that they enable tokenisation and ease the checkout process for their consumers.
How startups can abide with tokenisation guidelines
While all of this might seem overwhelming for e-commerce companies, especially smaller or early-stage startups, they can easily comply with the guidelines by integrating with a payment gateway like Paytm Payment Gateway or Razorpay.
As per RBI guidelines, only card networks like Visa, Mastercard, American Express, RuPay and others can use the tokenisation technology. But directly partnering with all card networks is not a feasible option for e-commerce startups. Hence, it is easier for them to integrate a payment gateway that enables tokenisation of cards.
Reputed payment gateways have been working with relevant stakeholders to launch features that enables tokenisation of cards.
Paytm Payment Gateway, for example, has launched a product called Paytm Token Gateway that merchants can integrate for tokenisation. Paytm Token Gateway works for businesses that use Paytm Payment Gateway as well as for businesses that use other payment gateways.
Similarly, Razorpay has a product called Razorpay TokenHQ. Their product can also be used by merchants using Razorpay’s or other payment gateways.
The future of card payments
Tokenisation is touted to be the future of card payments. Consumers who shop online love fast checkout and online merchants can use tokenisation to not only reduce cart abandonment but also provide their customers with a safe and secure payments experience.