E-commerce and online service providers are bracing for disruption on January 1 when the Reserve Bank of India (RBI) diktat on tokenization takes effect. They will have to delete any credit and debit card data stored on their platforms and replace them with a surrogate code or 'token' to secure the card details of consumers.
Reportedly, merchants, banks, card providers, payment gateways, and other stakeholders say there hasn't been enough time to make the needed backend changes. The measure, which the RBI had announced in September, is aimed at protecting cardholders from fraud.
Many experts believe that the customers will be clueless and payments through card transactions will go down significantly.
In fact, about 5 million customers - the most frequent online spenders in India and the biggest - who have stored their card details with service providers will likely be impacted the most.
The intent behind the move is that the RBI believes that storing actual card data on online platforms makes them vulnerable to hacking and fraud.
In September, the central bank issued a circular requiring online service providers to remove existing card details by next year and replace them with tokens issued by card companies. The bank introduced two-factor authentication a few years ago to prevent card fraud.