What is Tokenization? – Explained
Background
As RBI (Reserve Bank India) has mandated starting 1st January 2022 **, a Credit/Debit (or any form of Virtual) card number, its CVV and the Expiry date and any other sensitive information related to a card cannot be stored by any merchant or payment aggregators/gateways for processing online transactions. What is tokenization has been explained below.
** UPDATE on 23rd DEC 2021: RBI has extended the deadline to implement tokenization till 30th June 2022. The decision has been taken on after tje industry had sought more time to comply with the latest data safety rules.
You can refer to the artice pubished by the ET for more details. Link given below:
https://economictimes.indiatimes.com/news/economy/policy/rbi-extends-tokenisation-deadline-to-june-30-next-year/articleshow/88460571.cms
What is tokenization?
In simple words it is a process to identify your sensitive card data with unique identification symbols or a unique ID. It is said to be highly secure method to protect payment credential
Tokenization or Tokenisation is a hot topic in recent days. Throughout the world. companies use the system of tokenisation to keep all sensitive data like credit / debit card, and bank account numbers, etc safe while giving a smooth experience.
It is also a shift from encryption era which controlled the conversation system of sensitive data handing
Always With You
Why is tokenization required?
RBI has recognized the need for not to save Credit / debit card data with merchant server.
This is because, when we do a purchase at a ecommerce website, they offer to save the payment detail in order to make customers experience better in the subsequent visits. But there remains a threat: if a hacker hacks such the ecommerce website, the whole data is accessible to the hacker. Hence it is unsafe to us.
Tokenization will replace the credit / debit card details with a code called a token. Tokenization boosts payment security.
What is Token?
Not going into technical details, a Token is a unique set of string (may be characters) which can be word based, subword based or random-character based.
What is tokenization process?
The tokenisation process It allows to process confidential financial data without storing or handling the financial data in any server. In other words It is the process of replacing sensitive data with unique identification symbols or ID that retain all the essential information about the data without having compromised its security.
If you are a merchant dealing with ecommerce platform or planning get in to the same, tokenization is a feature that enables you to complete a transaction without handling or storing your customer’s sensitive payment card data on your server. It is great to know that tokenisation also aids future or recurring payment transactions
Advantages of tokenization
The tokens are created through random algorithms hence they cannot be restored, reversed or linked back to any original payment data or personally sensitive data.
Tokenization also keeps these data safe from internal or external threats that can happen during a payment process.
To conclude, Tokenization boosts payment security. It is a reliable data protection model that provides better safety from the encryptions and ensuring the financial transactions being done with reduced risk of fraud and data breaching.
RBI on tokenization
RBI Chief General Manager Mr P. Vasudevan has addressed to All Payment System Providers and Payment System Participants vide letter number RBI/2021-22/96 CO.DPSS.POLC.No.S-516/02-14-003/2021-22 dated September 07, 2021 on Tokenisation – Card Transactions: Permitting Card-on-File Tokenisation (CoFT) Services
Please refer to the RBI website on the given ink.
https://rbi.org.in/Scripts/NotificationUser.aspx?Id=12159&Mode=0
Some types of tokenization
White space tokenization
Dictionary tokenization
Rule based tokenization
Penn tree tokenization
Spacy tokenization