What are the RBI guidelines on tokenization?


The RBI guidelines on card tokenization are as follows,

  • Payment aggregator, payment gateway or merchants cannot store card numbers on their servers even if they are PCI/DSS compliant
  • Card networks and Issuing banks can only store card numbers and offer token provisioning services to other entities in payment industry
  • The deadline for compliance of these guidelines is 31st of December 2021


Did this answer your question?