Card Tokensation: RBI extends deadline

Read Time:1 Minute, 33 Second

The Reserve Bank of India (RBI) on Thursday extended the deadline to comply with new card storage rules by another six months to June 2022, following requests from industry bodies and other stakeholders.

“In light of various representations received in this regard, we advise…the timeline for storing of card on file (CoF) data is extended by six months till June 30, 2022; post this, such data shall be purged,” it said.

Referred to as tokenization, the process involves replacement of actual card details with a unique alternate code called the token.

On Thursday, RBI also said that in addition to tokenization, industry stakeholders may devise alternative mechanisms to handle any use case that currently involves storage of card data by entities other than card issuers and card networks.

Mint reported on Thursday that merchants are grappling with major technology integration challenges as they scramble to comply with the tokenization deadline.

Meanwhile, two industry associations, Merchant Payments Alliance of India (MPAI) and the Alliance of Digital India Foundation (ADIF) have together voiced their concerns over the industry’s readiness on tokenization. In a joint statement on Wednesday, they said they have written to RBI, requesting an extension of the 31 December deadline for implementation of card data storage norms.

The two bodies said they sought a phased implementation of the new mandate, a minimum time frame of six months for merchants to comply post readiness of banks, card networks, and payment aggregators/payment gateways, as well as the generation of consumer awareness about the impact of the policy change.