Home News From Jan 1 2022, Indian online merchants cannot store credit card information #Tokenization
  • With effect from January 1, 2022, no entity in the card transaction / payment chain, other than the card issuers and / or card networks, shall store the actual card data. Any such data stored previously shall be purged.
  • For transaction tracking and / or reconciliation purposes, entities can store limited data – last four digits of actual card number and card issuer’s name – in compliance with the applicable standards.

From RBI: On a review of the tokenisation framework and to enable cardholders to benefit from the security of tokenised card transactions as also the convenience of CoF, it has been decided to effect the following enhancements –

    1. Extend the device-based tokenisation framework referred to at paragraph 1 above to CoF Tokenisation (CoFT) as well.
    2. Permit card issuers to offer card tokenisation services as Token Service Providers (TSPs).
    3. The facility of tokenisation shall be offered by the TSPs only for the cards issued by / affiliated to them.
    4. The ability to tokenise and de-tokenise card data shall be with the same TSP.
James Webb Space Telescope: Mirror deployment process completed IPL 2022: Hardik Pandya Set To Captain Ahmedabad Franchise PKL 2021, Day 31 Highlights: UP Beat Bengal, Haryana Beat Delhi Priyanka Chopra, Nick Jonas welcome baby through surrogacy Amar Jawan Jyoti merged with flame at National War Memorial