One more time, babe; End dither – The Economic Times

Clipped from: https://economictimes.indiatimes.com/opinion/et-editorial/one-more-time-babe-end-dither/articleshow/88510760.cmsSynopsis

To avoid inconvenience to customers, banks and payment networks must work together to swiftly overcome the technology integration challenges, and launch campaigns to educate the public on tokenisation.

The Reserve Bank of India‘s (RBI) move to defer the deadline again for digital payment entities to purge customer data from their servers by another six months to June next year bows to the inevitability of a royal mess, if it were to enforce the current deadline of December 31. Card issuer, card networks and payment gateways and merchants should stop dithering and move on card tokenisation. There should be no reason for yet another postponement of the date for commencing tokenised transactions.

The card tokenisation service allows networks to create a unique alternative code or token for the card details stored with the merchant, the so-called Card-on-File, or for card details on electronic devices such as mobile phones. This token is specific to that token requestor and card (and device, if a device is involved). This prevents the customer’ actual card details from being used by merchants or payment aggregators. They store and transmit only the token. Tokenisation and detokenisation are done by card networks who, presumably, have higher levels of security. While card details and token details would all be encrypted end-to-end during transmission, and so would be relatively secure during transmission, if the merchant site or a payment aggregator site were to be hacked, card details would be sold on the dark web, if those details were stored on the merchant site. Once only tokens are stored, those token numbers, even if they fall into the hands of a hacker, are useless on other sites, Thus tokens reduce the vulnerability of card usage.

To avoid inconvenience to customers, banks and payment networks must work together to swiftly overcome the technology integration challenges, and launch campaigns to educate the public on tokenisation.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s