RBI wants you to fill the entire card details for every online payment

[Smh]

1. What are the new RBI guidelines?
As per the new RBI guidelines, merchants cannot store the customer’s card data beginning 1st January 2022. This means that, customers will have to enter card details every time they want to do a transaction via card.
2. How can I avoid entering card details every time?
To avoid entering card details every time, customers can provide consent to Amazon Pay to ‘tokenise’ their cards. In tokenisation, Amazon Pay will ask the card network to encrypt their card details with additional factor authentication. Amazon Pay will receive these encrypted details so that customers can save that card for future transactions.
3. What all card networks are supported for tokenisation?
Right now, only the cards powered by VISA and Mastercard can be tokenised. We are working closely with other card networks to bring this facility for everyone soon. We will send you timely updates regarding the same.
4. What will happen to my previously added cards?
Before 1st January 2022, you can give your consent to tokenise your cards powered by VISA and Mastercard. This will ensure that you continue to enjoy seamless payments as before. If you don’t give consent, after 1st January 2022, your card details will be removed and you will have to enter card details every time you do a card transaction. However, for your convenience, we will also offer you the option to give consent and save the card for future transactions.
5. Do the new RBI guidelines apply to both credit and debit cards?
Yes. Starting 1st January 2022, both debit and credit cards need to comply with the new RBI guidelines.
6. Does the new guideline apply to international cards or transactions?
No. It is applicable only to domestic cards and transactions.
7. Will I need tokenisation for offline merchants?
No. Tokenisation is only required for online transactions.
8. Do I need to pay any charges for tokenisation?
No. You do not need to pay any charges for tokenising the card.
9. Is tokenisation of card(s) mandatory?
No, you can choose whether or not to get your card(s) tokenised.
10. Once tokenised, how will I be able to identify my card(s)?
To help you identify your card(s), we will show you the last 4 digits of the card along with issuing bank, and card network name.
11. What will happen to my Bajaj Finserv Limited (BFL) cards?
You will be able to continue to perform transactions using your Bajaj Finserv Limited (BFL) card. However, beginning 1st January 2022, you will be required to re-enter your BFL card details each time you place an order using your BFL card.

Source

Amazon is allowing tokenization of master and visa cards.

 

[Sushubh]

Is Rupay not ready for tokenization or is Amazon not ready

 

[raj2007]

I always think of suing Amazon for saving my card details without(no option) my permission. Now i'm so much relieved of this new RBI rule.
I'm not a frequent shopper, so wasting 10 secs to enter card details every time doesn't bother me.

 

[socrates]

From ICICI Bank

Dear xxxxx xxxxxxxx This is regarding an upcoming change in the Saved Card option when you shop at merchants online (e.g. Amazon/Zomato etc.) through their websites/ mobile apps. As per the RBI guidelines for enhanced card security, effective from Jan 01, 2022, E-commerce merchants (e.g. Amazon/Zomato etc.) will be restricted from saving your ICICI Bank Card details like, Card Number and Expiry Date. Any card details saved earlier by you, on these websites/mobile apps, will be removed. E-commerce transactions can be processed in the following ways, effective Jan 01, 2022:​

​

Option 1: Through Tokenisation of your ICICI Bank Card:​

The introduction of Tokenisation enables the processing of online transactions without exposing any sensitive Card details that could potentially breach the security and privacy of the customers E-commerce merchants (like Amazon/Zomato etc.) will prompt you to "Secure Your Card" or "Save Your Card For Future Use", on visiting their website/app or at the time of making a purchase If you provide your consent to Tokenise your card, the card details will be stored in a secured tokenised format (Tokenisation refers to the replacement of the actual card details with an alternate code called the 'Token') This token once generated can be used to make all future transactions, on that particular merchant website/app, without entering the full card details.

​

Option 2: By entering your ICICI Bank Card details each time you make a transaction:​

​

If you choose not to tokenise your card, the merchant will not be able to store your card details. You will, however, be able to make your purchases by entering the card details, each time, during each transaction. Click here, to know more about Tokenisation.​

 

[socrates]

Do we have to delete our card details from these ecommerce sites or do we just trust them to do it?

 

[mikrotik]

Even if you delete them, how do you know they are not just marking them deleted and not actually deleting the data?

 

[socrates]

Yup v true. Basic rule in databases I am ok with entering the stuff every time, after a few attempts that stuff will get memorized.

 

[Sushubh]

looks like Amazon is no longer offering otp on their own portal now. not sure if it is connected to tokenization.

 

[mikrotik]

Otp on their own portal was done thru IVR transaction. When you initiated the transaction, Amazon will send the request for IVR otp to your bank. This was done by razorpay too.

 

[Navjot Singh]

Online merchants can lose up to 40% revenues after Dec 31 due to tokenisation of user card info

This was brought out at a virtual session on 'Digital Payments and the India Media Consumer' which was organised by CII's Media and Entertainment Committee.

www.financialexpress.com