India Update: RBI Tokenisation Framework
On September 7, 2021, the Reserve Bank of India (“RBI”) released circular CO.DPSS.POLC.No.S-516/02-14-003/2021-22 (“CoFT Circular”) updating the framework for card tokenisation in India. The updated framework extends this technology to Card-on File Tokenisation (“CoFT”) and now allows card issuers to offer tokenisation services.
Previous Framework
On January 8, 2019, the RBI permitted authorised card payment networks (“Card Networks”) to offer card tokenisation services to third-party app providers (“Token Requestors”). The RBI allowed Card Networks to offer tokenisation for all use cases, including near field communication (NFC) / magnetic secure transmission (MST) based contactless transactions, in-app payments, and QR code-based payments. However, Card Networks were only allowed to enable tokenisation through trusted devices – originally, mobile phones and tablets and more recently, IoT devices and wearables. This means that any ‘token’ issued by a Card Network in place of actual card details must be linked to a specific device.
For further details, please refer to the below document.
For further details, please contact [email protected]
