Are You Ready For Tokenisation?

As per the RBI rule you might have received a message from your bank that starting 01st Jan 2022, all your credit/debit cards sensitive data stored in any third-party merchant apps will be deleted and can not be stored further. This initiative will enhance the security of cards against any fraudulent activities.


So after 01st Jan 2022, you must enter your cards full details every time you transact in any merchant site/app or the second option is to go for tokenisation of your card.

Tokenisation is not new, but due to increasing fraudulent cases, now RBI has made it mandatory for online transaction from 01st Jan 2022.

To solve your queries regarding Tokenisation, we have gathered all the frequently asked question related to it. So read below to know about Tokenisation.

1. What is tokenisation?

Ans. Tokenisation is the process of replacing actual card details with an alternate code called a "token," which must be unique for each combination of card, token requestor (i.e. the entity that accepts a customer's request for tokenisation of a card and passes it on to the card network to issue a corresponding token), and device (referred to as "identified device" hereafter).

2. What is de-tokenisation?

Ans. De-tokenisation is the process of converting a token back to actual card information.

3. What is the benefit of tokenisation?

Ans. Because the real card data are not shared with the merchant during transaction processing, a tokenised card transaction is deemed safer.

4. How can the tokenisation be carried?

Ans. The cardholder can have his or her card tokenized by submitting a request using the token requestor's app. The token requestor will send the request to the card network, which will issue a token corresponding to the card, the token requestor, and the device, with the card issuer's permission.

5. What are the charges that the customer need to pay for availing this service?

Ans. The consumer does not have to pay anything to use this service.

6. What are the use cases (instances / scenarios) for which tokenisation has been allowed?

Ans. Tokenization has been enabled for all use cases / channels via mobile phones and/or tablets (e.g., contactless card transactions, payments through QR codes, apps etc.)

7. Can tokenisation be enabled through a smart watch or such other devices?

Ans. Tokenisation is a function that is only available on mobile phones and/or tablets.

8. Who can perform tokenisation and de-tokenisation?

Ans. Only the authorised card network may execute tokenization and de-tokenization. The list of card networks approved by the RBI to operate in India may be found at on the RBI website.

9. Who are the parties / stakeholders in a tokenisation transaction?

Ans. The merchant, the merchant's acquirer, the card payment network, the token requestor, the issuer, and the client are usually involved in a tokenised card transaction. An entity other than those listed may, however, take part in the transaction.

10. Are the customer card details safe after tokenisation?

Ans. Authorized card networks maintain actual card data, tokens, and other essential elements in a secure fashion. The token requestor is unable to save the Primary Account Number (PAN), often known as the card number, or any other card information. Card networks must additionally certify the token requestor for safety and security in accordance with international best practises and globally acknowledged standards.

11. Is tokenisation of card mandatory for a customer?

Ans. No, a consumer can opt to have his or her card tokenized or not.

12. Does the customers have the option to select tokenisation for a particular use case?

Ans. Customers can register or de-register their card for certain use cases, such as contactless, QR code-based, in-app purchases, and so on.

13. How does the process of registration for a tokenisation request work?

Ans. A tokenisation request is only registered with explicit client consent via Additional Factor of Authentication (AFA), not via a forced, default, or automated selection of a check box, radio button, or other option. Customers will now have the option of choosing a use case and setting up limitations.

14. Can the customer set / select own limits for tokenised card transactions?

Ans. For tokenised card transactions, customers can establish and change per transaction and daily transaction limitations.

15. Is there any limit on the number of cards that a customer can request for tokenisation?

Ans. Any number of cards can be tokenized at the request of a consumer. The consumer may use any of the cards registered with the token requestor app to complete a transaction.

16. Can the customer select which card to be used in case he / she has more than one card tokenised?

Ans. The consumer may utilise any of the cards registered with the token requestor app to complete any transaction.

17. Is there any limit on the number of devices on which a card can be tokenised?

Ans. A consumer can have his or her card tokenized on any number of devices. However, for the time being, this service will only be available via mobile phones and tablets.

18. Whom shall the customer contact in case of any issues with his / her tokenised card? Where and how can he / she report loss of device?

Ans. All concerns should be sent to the credit card companies. Card issuers must provide consumers with simple access to report the loss of a "identified device" or any other occurrence that might expose tokens to unauthorised use.

19. Can a card issuer refuse tokenisation of a particular card?

Ans. Card issuers may select whether or not to enable token requestors to register cards provided by them based on risk assessment, among other factors.

20. Where can more information on RBI instructions on tokenisation be found?

Ans. The RBI circular on tokenization may be seen at Notification.aspx?Id=11449&fn=9&Mode=0 on the RBI website.


Tokenisation is a great feature that can save you from digital frauds. It will be best if you adapt to this new feature as soon as possible. Hope this post have solved all of your queries regarding this new feature.
 You can contact me if you require any more details about tokenisation.

Post a Comment