30th June 2022 is almost here & we are all set with end-to-end Tokenization

Are you an e-commerce merchant, aggregator, or payment gateway still facing concerns with the mandate on saving the consumer card data? In the banking and payments ecosystem, everyone is aware that 30th June 2022 is the new deadline for executing the tokenisation mandate by RBI. After demonetisation, tokenisation has been the biggest challenge for everyone in the value chain.

Card on File Tokenisation (CoFT) is a process of replacing payment card details with a unique code called the token, hiding the sensitive details. The level of data protection is the highlight of this mandate. As a merchant, you cannot force your consumers to create a token for online purchases, but if your consumers don’t want to go through the trouble of entering their card details every time then they can opt to create a token for their card details on your merchant portal.

Few facts around CoFT:

• Token generation is done by the card schemes/networks say Visa, RuPay, Mastercard, etc.
• After authentication of details from the consumer’s issuer bank, the token is generated by the card scheme.
• Consumers have to generate a unique token for each merchant website/app they use for ordering food, paying bills, booking a cab, shopping, etc.

As the industry pioneer with domain expertise, we are all set and geared up with our Token Requestor Service for the merchants, aggregators, and payment gateways for Visa, Mastercard & RuPay. ISG’s Token Requestor Service includes:

• Token Provisioning, i.e. creation of token after an explicit consent, and an additional factor of authentication from the consumers via OTP,
• And Sharing of Token Credentials (Token PAN, Expiry, & TAVV) for the online transactions

If you are an e-commerce merchant who is already onboarded to card schemes as a token requestor, then you can onboard with us simply by providing your Token Requestor ID (TR ID).

ISGPay - our payment gateway, provides a tokenised transaction flow. For initiating an online transaction, your merchant portal will provide a feature to capture either a clear PAN (for guest checkout) or an option to select a token PAN, and such transactions further will be routed through ISGPay Payment Gateway to perform authentication and authorization legs of the e-com transaction.

ISG’s Token Requestor Service is certified by the respective schemes for RuPay, and Mastercard, and comfort-tested for Visa by CyberSource. This change may appear a burden for now but it’s for the benefit of every player in the system. And, if you are one of the many merchants, payment aggregators, or acquirers who are still looking for a well-tested and certified token requestor or payment gateway service, do write to us at [email protected]