[Stay RBI compliant] Process card payments securely with our card tokenization solution.Activate Now!
Give your customers the option to save cards on your website or app and process card payments securely while being RBI compliant.
Supports all major card types:
Supports all major card networks
As per RBI guidelines, with effect from 1st July 2022, neither businesses nor payment aggregators can save customer card details on their platforms. The card details can only be saved by the card networks or issuing banks.
Card tokenization is the process of replacing sensitive card information like card number, card expiry with a cryptographically generated random string, referred to as the card token.
Once a card is tokenized, the generated card token can be used for processing payments as a substitute to card details, thus eliminating risk of loss of sensitive card information while making card payments.
Token Vault is a complete solution. It offers both saving tokenized cards functionality and ability to process payments using tokenized cards as a single solution so that businesses do not have to look out for multiple payment partners.
Cashfree Payments is a fully certified and compliant Token requestor. We support tokenization of cards issued by all leading card networks.
Businesses can integrate Token Vault API with their platform with single integration. Once integrated, Cashfree Payments takes care of both saved card function & processing payments.
With Token Vault, you can offer repeat customers the option to save card, customers can simply select the card and pay directly just by entering the CVV of the card. Make checkout faster and secure while staying RBI compliant.
Have questions on the latest RBI guideline on Card on file Tokenization and how it will affect your customer transactions? Watch our detailed discussion or read through our comprehensive knowledgebase to learn more about card tokenization.
Watch this fireside chat to understand how Card Tokenization can help your business stay RBI compliant.
VP Digital Products, MasterCard - South Asia
Check-out our comprehensive guide on how Card-on-file Tokenization works and how Cashfree Payments can help you stay RBI-compliant!Learn more
Card Tokenization is the process of replacing sensitive card information like card number, card expiry with a cryptographically generated random string, referred to as the card token. Once a card is tokenized, the generated card token can be used for processing payments as a substitute to the actual card details like card number and card expiry and cvv thus eliminating the issue of loss of sensitive card information while making card payments.
Any merchant offering the save card feature to their customers will have to do so by provisioning a token instead of saving the actual card number. Token Vault will help merchants to effortlessly migrate to the this RBI compliance requirement.
Yes, Token Vault helps you tokenize VISA debit and credit cards, and retrieve them whenever your customers try to access the saved cards.
Yes, Token Vault helps you tokenize Mastercard debit and credit cards, and retrieve them whenever your customers try to access the saved cards.
PCI/DSS compliant merchants have to delete the already saved cards with them as RBI does not allow bulk tokenization of cards. * Merchants who were saving the card number on their own servers, can simply integrate with Token Vault APIs of Cashfree Payments and continue processing saved cards after a one time authentication by customers. In this case Cashfree Payments will act as token requestor on behalf of the merchant. * Alternatively, merchant can also integrate with individual card schemes and become a token requestor themselves.
Cashfree Payments offers 2 types of checkout integrations
1) Standard Checkout & 2) Seamless Pro.
A. Merchants using Standard Checkout integration do not need to take any action. Cashfree Payments will automatically enable the saved card feature along with the ability to convert the card details ( as customers enter the card) to unique tokens and then further process tokenized cards received from card networks. Customers having their cards already saved on the merchant site, will have to enter the card details, and do a one time re-authentication for the first transaction on or after 1st July 2022 to continue using the saved card feature.
B. Merchants using Seamless Pro integration will have to update their APIs before 30th June 2022 to save and process card transactions. Check out API documentation. Once API has been updated, customers having their cards already saved on the merchant site, will have to enter the card details, and do a one time re-authentication for the first transaction on or after 1st July 2022 to continue using the saved card feature.
Merchants are allowed to store only the last 4 digits of the actual card number, card scheme and issuing bank name. They cannot store other details like card BIN, card expiry or CVV.
No, merchants will not be able to get the actual card number back from the tokenized cards. Only schemes and issuing banks will be able to do so.
No, explicit consent of customer is mandatory while provisioning token for the card.
If 2FA fails even after the customer had given consent to tokenize the card, merchants will not be able to provision token and save the card.
Yes, the token reference number of tokens provisioned through Cashfree Payments will be saved with us only. However, merchants can fetch the card network tokens from us and use them for payment on any other payment aggregator. It is not possible to migrate cards provisioned through Cashfree Payments on another payment gateway.
No, tokenization is limited only for card payments. All card payments like credit, debit, prepaid and corporate credit cards are impacted.
No, there is no impact as such on card payments where the customer enters the complete card number details. Only in cases where merchants or payment aggregators were saving cards, card tokenization will come into effect.