FAQS

What is tokenisation for credit cards?

Want to know what is tokenisation for credit cards? Well, it is the process of converting credit card details into a random unique number with no value for fraudsters if they access it.

Is credit card tokenisation mandatory in India?

From 1 October 2022, the RBI has directed all payment wallets, online merchants, and aggregators to tokenise sensitive customer card-related information instead of storing it in their database.

Is it safe to Tokenise credit cards?

Tokenisation is one of the safest ways of securing a credit card and sensitive information related to the cardholder. After converting credit card details into unique codes, fraudsters cannot access and use them for malicious purposes.

How do I Tokenise my credit card data?

The customer does not need to do anything to tokenise their credit card data.

Once they enter their credit card details when paying an online merchant, the payment processor will automatically tokenise the details to safeguard them before transferring.

What Is Tokenisation Payment?

Tokenisation payment means securing payment by converting the credit card details into unique codes useless to fraudsters trying to steal identity or money during the transaction.

How do I use tokenisation for payment?

There are no steps involved in using tokenisation for a payment. The payment processor automatically tokenises the data to protect it against theft or fraud.

What are the RBI guidelines on saving a card on an online merchant?

As per RBI mandate, starting October 01, 2022, sensitive customer information like complete card number, CVV & Expiry date or any other sensitive information related to cards cannot be stored by merchants for processing online transactions. The merchants will have to remove all details stored, by June 30, 2022.

They will be allowed to store the customer’s card details only through tokenization post taking an AFA (Additional factor authentication, eg: OTP) from the customer. This means that as per the new guidelines, you can now safely secure your card details using tokenisation while you shop with the online merchants.

What is Card tokenisation?

Tokenisation is a backend process of replacing Credit/ Debit/ Prepaid Card details with a unique set of characters or a 'token'. This will secure payments and enable future transactions without exposing any sensitive card details.

Token generation is a system process, you just need to save your card.

What are the steps for tokenisation?

Visit your online merchant's website/ app
Choose the product you want to buy
Select Kotak Bank Credit/ Debit/ Prepaid Card at checkout or enter your Kotak Bank Card details
Select ‘securely save your card’
After successful authentication your card is now secure and you can pay conveniently without entering your card details every time.

How to use a token?

A token once generated can be used for all future payments on the online merchant app/ website, there will be no need to enter your card details every time.

Can I tokenize my existing saved card?

Yes. You can tokenize your saved cards, depending on merchants. Merchants may either provide the option to save the card using tokenisation while you are transacting or will prompt you post login on their website/ app to save your cards using AFA (Additional factor authentication, eg: OTP).

What will happen to my saved cards on online merchant app?

From October 01, 2022, all the customer card details currently saved on the online merchant app/ website will be deleted. You will have to save/ tokenize your card once again which can be used for all future transactions or you can enter your full card number, CVV and Expiry date every time to complete the online transactions.

What will happen if I don’t tokenize my card?

If you don’t tokenise your card, every time you shop on an online website/ app, you will have to enter all the card details (card number, expiry date, CVV) to make the payment.

Will the merchant store my card details?

No. Merchant will not store your actual card details. A token corresponding to your card will be stored.

Who will have access to my card details?

Only your card networks (VISA, MasterCard, Rupay, Amex, etc.) and your card issuer (Kotak Mahindra Bank) will have access to your card details from these tokens.

How is card tokenisation safer?

Multiple tokens are issued for the same card on different online platforms, making it difficult to trace back the token to the card details. In case, any merchant’s data is hacked, the token details alone cannot be used for any fraudulent transactions. Thus completely securing your card.

How will I identify the card on the merchant page after tokenisation?

You will see the last 4 digits of their card number on the merchant page.

Can I select which card is to be used in case I have more than one card tokenized?

For performing any transaction, you can use any of the cards registered with the token requestor/ merchant.

What will happen to the token once my card gets replaced or renewed or reissued or upgraded?

You will have to visit the merchant page and create a fresh token with the new card credentials.

Is the Tokenisation guideline applicable for all Credit/ Debit Cards?

Yes. All Debit, Credit & Prepaid Cards will have to be tokenized for online transactions starting October 01, 2022.

Is Tokenisation applicable for cards saved for International transactions?

No. Tokenisation is applicable only for domestic transactions.

Will tokenisation impact the card transactions at merchant outlets?

No. tokenisation is only required for online transactions.

Are there any charges for tokenizing the cards?

No. There are no additional charges for tokenizing the card.

How many cards can be tokenized at each merchant?

You can tokenize multiple cards with each merchant.

How can I view/ delete tokenized cards?

To view and delete tokenized cards, click here

Credit Card Tokenisation

Frequently Asked Questions