Card Tokenisation: What is it and how does it help card users carry out safe transactions? | Mint
Source: Live Mint
PhonePe recently announced that it will tokenise debit and credit card details for users on its app, thus enabling secure and safe digital transactions.
This means users do not need to save their card details such as card number, CVV on the PhonePe app to carry out transactions via this UPI (Unified Payments Interface) platform.
This service will enable card token usage across various services of PhonePe such as bill payment, recharges, travel booking and payments at online merchants.
What is tokenisation?
It is a replacement of actual card details with an alternative code called ‘token’ which is unique for a combination of card, token requestor and device.
What is the purpose of tokenisation?
Tokenisation is vital because these transactions are believed to be safer since the actual card details are not shared with the merchant while processing transactions.
How does the transaction take place?
The card holder can get the card tokenised by initiating a request on the app provided by the token requestor. The token requestor will forward the request to the card network which, with the consent of the card issuer, will issue a token corresponding to the combination of the card, the token requestor, and the device.
What are the charges that the customer needs to pay for availing this service?
This service is free of charge, and one doesn’t need to pay anything for this.
What are the devices on which you can carry out tokenisation?
The feature of tokenisation is available on consumer devices such as laptops, mobile phones, Internet of Things (IoT) devices, desktops, wrist watches, bands, among others.
Is there a limit on the number of transactions for which tokenisation can be carried out?
A card user can request for tokenisation of any number of cards. To carry out a transaction, the card user will be free to use any card(s) registered with the app.
How does the token registration request work?
The registration for a tokenisation request is done only with explicit customer consent through additional factor of authentication (AFA). This does not happen by way of an automatic selection of check box.
