Postal Ballots-For home voting step by step process 2024.pptx
RBI Tokenization And Impact on Digital Adoption
1. RBI Tokenization
And Impact On
Digital Adoption
Presentation by :- Group 6
Anusha (38)
Subhroto (39)
Harsh Gupta (40)
Utkarsh Suneja (41)
Saksham (42)
Ankit Kumar (43)
Ashish Kedia (44)
Tulika Sinha (45)
SSD ASSIGNMENT ON
2. Every one of us must have read news like this in last few years
3. Introduction
• Digital payment adoption in India has been witnessing massive growth over the
last few years and it will grow at a rapid pace over the next few years and
account for a 71.7 percent share of all the payments by 2025.
• India is well on its way to becoming a global fintech leader with digital
transactions growing 80% in 2020 and Unified Payment Interface transactions
up by 70 times in the last four years.
• With the growing rate of digital transactions, financial crime and data breaches
have also increased proportionally with digital fraud attempts on financial
services rising by 88.5%.
4. ● In September 2021 RBI
released a fresh
guidelines, giving
businesses until the end
of the year to comply with
new regulations and
requiring the use of
encrypted tokens in the
place of actual card
information and this
process was called
tokenization.
● So, what is tokenization ?
5. What is this tokenization ?
So lets Understand it,
• When you buy something online, you share your credit card or debit card
information with the e-commerce platform. This highly sensitive data, which is
now stored by the platform, is vulnerable to data theft or leakage.
• In an effort to make card transactions more secure, India’s central bank , the
Reserve Bank of India, has been encouraging cardholders to tokenize their cards.
• Tokenization is the process of replacing card details with a unique set of
characters, or a token, that enables payments to be processed without exposing
any sensitive card details that could potentially breach the security and privacy
of consumers.
6. Tokenization cont.
●A token is used instead of the actual card number with a
matching expiration date.
●This token number is created using an advanced algorithm that
maps the actual card number to a corresponding token
number. This number is nearly impossible to crack since the
original number mapped to the token resides only with the
tokenization provider.
●In a way, tokenization is more secure than encryption, since
with tokenization, there is no cryptographic key, only an
intelligent mapping that cannot be cracked in the event of an
attack.
7. There are two major types of tokenization
that are used in the payment industry.
●Device tokenization: Device tokenization is
carried out by network providers while the
token is saved on a near-field-
communication (NFC)-powered mobile
device, NFC-powered wearable, or any
NFC-powered IoT device. The token can be
embedded on these devices and then used
for tap and pay transactions.
●Card-on-file (CoF) tokenization or PCI
tokenization: With this type of tokenization,
the card details can be saved when you
opt in during your initial online payment
and can then be used to conduct card-not-
present transactions. Such tokenizations
can be performed by merchants, payment
aggregators, payment gateways, or
networks like Visa and Mastercard.
8. The RBI focused on the CoF
tokenization method in its
September 2021 guidelines.
Tokens for each combination
of card details, token
requestor (merchant), and
device shall be unique. Card
issuers have also been
permitted to offer card
tokenization services as token
service providers (TSPs). This
service can only be offered
for the cards either issued by
or affiliated with the TSP.
9.
10. • Imagine walking into a gaming
zone or casino, where you pay
with actual money in exchange for
plastic coins, which hold no value
outside the gaming zone’s
premises. You can play Pac-man
or win your favourite toys in a
vending machine only with that
token or coin.
• Similarly, with card tokenization,
the idea is to mask card numbers
and protect sensitive consumer
data with tokens containing
randomized numbers and
alphabets.
11. Do You Know?
Plural, was one of the first online payment platforms in India to have adhered
to this mandate and implemented card tokenization.
12. • No online retailers or payment
gateways will be permitted to save
any credit card information of the
customers on their digital platform.
• This will lead to Safer Payments and
no data leak.
• More and more people will adopt
online payment methods
• enhance the payments security.
• The customer is not required to pay
any fees in order to use this service
for tokenization and de-tokenization,
which is only possible through
authorized card networks.
• Customers are also free to set and
change daily and per-transaction
quotas for tokenized card
transactions, as per RBI.
13. • It’s a manual process so each customer
will need to give their consent with an
additional factor of authentication to
tokenize their card.
• Its very difficult to make consumer aware
about this process as India has very large
population.
• It must be noted that each stakeholder in
the payment flow needs to comply with
the new tokenization guidelines for the
transaction to go through successfully.
Even after tokenization is complete, the
transaction may fail if a stakeholder has
not integrated the required technology to
accept or read tokenized cards.
• Media reports suggest that e-commerce
businesses will not be able to migrate to
the new system in time — which is
certain to erode consumer trust in digital
markets.
14. • What are the challenges in
Tokenization?
• Banks & card networks need to
ready APIs.
• Correspond with the
merchant’s network.
• Recurring payments may be
most imparted.
• Card-on-file data isn’t always
stored in one database.
• Can lead to temporary loss of
customers for small merchants.
15. ● As India moves towards implementing the Personal Data Protection Bill (newly titled The Data
Protection Bill, 2021), this framework to enhance digital payment security in the country comes at a
very opportune time. As fintech advances pick up pace in the country, it is important to weave in
security and privacy by design at the earliest stages. Fulfilling the dream of a digital India can only
succeed when data security concerns are satisfactorily addressed.