BEWARE FRAUDSTERS!!! RBI is coming for you.
It’s revolutionizing the payment industry- yet again
But this time- to fighting CYBER CRIME.
Here’s why RBI is tokenizing your CREDIT & DEBIT CARDS: A🧵
It’s revolutionizing the payment industry- yet again
But this time- to fighting CYBER CRIME.
Here’s why RBI is tokenizing your CREDIT & DEBIT CARDS: A🧵
Almost 2 years after it's first notification, RBI is finally implementing credit and debit card tokenization from 1st of July.
First UPI and now tokenization.
RBI is leaving no stone unturned in flexing it's technical superiority.
First UPI and now tokenization.
RBI is leaving no stone unturned in flexing it's technical superiority.
But what exactly is tokenization and how will it be useful for card holders?
Let's figure it out.
So every time you make an online payment through credit/debit from any merchant website or platform, the details of the card can be registered by the merchant.
Let's figure it out.
So every time you make an online payment through credit/debit from any merchant website or platform, the details of the card can be registered by the merchant.
How is that, you ask?
Remember how most of us use the "Save Card Details" for easier and faster future use?
Yep, that essentially gives merchant the permission to store your card details.
Remember how most of us use the "Save Card Details" for easier and faster future use?
Yep, that essentially gives merchant the permission to store your card details.
So with this option, the next time you go to shop from the same platform again, you simply feed your CVV and a OTP linked to your mobile number for payment. Convenient right?
But this is more dangerous than it looks.
But this is more dangerous than it looks.
You see with your card details registered, any attack on the merchant's platform can lead to your details being exposed.
And according to a report, almost 75% of card users opt to save their card details for ease of use.
And according to a report, almost 75% of card users opt to save their card details for ease of use.
Another survey states that at least 82% of consumers consider it inconvenient for them to re-enter all their card details for payment.
So you can imagine how vulnerable such sensitive information has become.
So you can imagine how vulnerable such sensitive information has become.
RBI saw this and did what they do best, solve the problem with simple yet effective technology.
The details of the card will be replaced by something called as a "token". Basically, tokenization will prevent online merchants from storing customer data on their servers.
The details of the card will be replaced by something called as a "token". Basically, tokenization will prevent online merchants from storing customer data on their servers.
This includes the card number, CVV, expiration date, and other sensitive information.
This token or alternate code, will be unique for a combination of card, token requestor and device.
This token or alternate code, will be unique for a combination of card, token requestor and device.
Wait, what is token requestor now?
For that we need to understand how this whole process of creating the token works.
Suppose you go to your favorite online platform (app/website) to purchase grocery, pay bills or order food.
You pick your items and head to checkout.
For that we need to understand how this whole process of creating the token works.
Suppose you go to your favorite online platform (app/website) to purchase grocery, pay bills or order food.
You pick your items and head to checkout.
For payment, you select the payment by card option and provide your card number and CVV.
With us so far? Right, moving on.
Now where you will be entering your card details, you will see a check box that says “Secure your Card” or “Save Card as per RBI guidelines”
With us so far? Right, moving on.
Now where you will be entering your card details, you will see a check box that says “Secure your Card” or “Save Card as per RBI guidelines”
You tick this checkbox, enter the OTP received on your mobile and voila!
You have successfully created a token for your card.
Now you see, the place where you tick “Secure your Card” option, is the token requestor aka the platform.
You have successfully created a token for your card.
Now you see, the place where you tick “Secure your Card” option, is the token requestor aka the platform.
And token requestor isn't the one who will be creating the token.
He will just be a mediator and pass your request to your card network provider – Visa, MasterCard, etc.
The card network provider will then verify the user credentials and issue the token.
He will just be a mediator and pass your request to your card network provider – Visa, MasterCard, etc.
The card network provider will then verify the user credentials and issue the token.
Phew! Sounds cool right?
Well, it is.
Also once your card is tokenized on a platform, you can recognize it with the last 4 digits of your card.
Well, it is.
Also once your card is tokenized on a platform, you can recognize it with the last 4 digits of your card.
And that is the only information the merchant will be storing. This whole process of creating the token is called card-on-file tokenization (CoFT).
Quite a mouthful huh?
The most interesting part here is that a user can create multiple tokens using a card.
Quite a mouthful huh?
The most interesting part here is that a user can create multiple tokens using a card.
Wait, how?
As we mentioned earlier, token will be unique for a combination of card, token requestor and device.
As we mentioned earlier, token will be unique for a combination of card, token requestor and device.
So if you have stored your card details across five merchants:
say for ordering food, online shopping, booking movie tickets, OTT platforms and clearing you electricity dues, you can create 5 tokens for the same card & in each case the merchant (or payment gateway) is different.
say for ordering food, online shopping, booking movie tickets, OTT platforms and clearing you electricity dues, you can create 5 tokens for the same card & in each case the merchant (or payment gateway) is different.
And in case you don't intend to go to the platform ever again, you can de-tokenize your card as well.
So you see, RBI is once again revolutionizing payments.
So you see, RBI is once again revolutionizing payments.
And this time, it has brainstormed on solving the long plaguing problem of data protection.
It seems like they have cracked the code.
With increase in geopolitical tensions and a decrease in globalization, data protection and privacy have taken the topmost priority.
It seems like they have cracked the code.
With increase in geopolitical tensions and a decrease in globalization, data protection and privacy have taken the topmost priority.
India is among the top 5 countries in terms of victims of cybercrimes.
Do you think RBI's tokenization move will help India move down the list? Let’s talk in the comments
Do you think RBI's tokenization move will help India move down the list? Let’s talk in the comments
If you liked this thread then do ReTweet🔄 the 1st tweet
Follow us: @FinFloww for more such threads🧵
We usually post every Monday, Wednesday & Friday mornings!
Get our WhatsApp Newsletter daily. Join here: chat.whatsapp.com
Follow us: @FinFloww for more such threads🧵
We usually post every Monday, Wednesday & Friday mornings!
Get our WhatsApp Newsletter daily. Join here: chat.whatsapp.com
The FinFloww App is this close🤌🏻….stay tuned…
Loading suggestions...