With a day to go before the Reserve Bank of India (RBI) tokenization norms begin, the system is relatively ready for the transition. There are still some cracks in his armor and teething problems are expected.
Banks, payment providers, and merchants are bracing for potential disruption after the September 30 deadline, as tokenization has yet to be tested with a large volume of payments.
Additionally, due to the timing of the new date – right in the middle of the Christmas season – merchants are scrambling to adopt the new payment method to avoid disruption and lost sales.
Card on File Tokenisation (CoFT) replaces card data with a ‘token’ that is unique to each debit or credit card and merchant platform that uses it. This is the alternative that card networks like Visa, Mastercard, and RuPay, as well as payment gateways, merchants, and banks, have been gearing up to meet Reserve Bank of India (RBI) norms.
As per RBI norms, payment aggregators (PAs), payment gateways (PGs), and merchants cannot store customer card credentials in their databases after September 30.
The Merchant Payments Alliance of India (MPAI), whose members include digital platforms like Netflix, Disney+ Hotstar, Spotify, Zoom, Microsoft, and Policybazaar, has written to the RBI twice in the past month asking the regulator to regulate card networks, PA and PG demonstrate that CoFT solutions work just as well as card-based processing across use cases.