Tokenization - Express checkout card vault merchants
This guide is scoped to merchants who uses Juspay express checkout and card vault
RBI guideline has mandated that from Jan 2022 the only way to store cards is via Tokenization.
Juspay's tokenization platform is integrated with the Major Networks - VISA, MasterCard & Rupay, and is ready to transition you to token based transactions.
Through the document, we will go over the user flows impacted by the guideline and the changes that merchants need to do in order to get tokenization enabled.
Below are the key mandates by RBI on Tokenization:
- Token should be unique to Customer, Card, Token Requestor and Merchant
- Explicit Consent and AFA is mandatory before Token generation
- Only last 4 digits of a card & issuer name can be stored by Merchants, PA/PGs
- Merchant must give cardholder an option to de-register
Tokenization is the process by which the Card Number is replaced with a surrogate value called Token. This token is scoped to a Merchant, Customer & Token Requestor ensuring a more secure payment experience. Every entity to the left of Network will transact using a token and the entities to the right will have card details. Each token is also unique to the Network provider.
Tokenization flow
Updated over 1 year ago