Debit Card, Credit Card Tokenisation From 1 July 2022: What Are the New Rules

New debit/credit card rules: Merchants will be forced to delete customer card data from 1 July 2022.

2 min read

All the credit card and debit card holders are going to receive good news soon. It is to be noted that new debit card rules will be implemented from 1 July 2022. The online merchants will not be able to store the card data of customers any more, starting from 1 July 2022. The Reserve Bank of India (RBI) issued debit and credit card tokenisation rules last year, in 2021 focusing on customer safety.

According to the rules, merchants were not allowed to store customer card data on their servers. It is important to be noted by all the credit and debit card holders that the card tokenisation rules are set to come into effect from 1 July 2022 as per the latest information. The Reserve Bank of India (RBI) has announced certain rules that will be implemented soon.


Earlier, the RBI had made the adoption of card-on-file tokens for online domestic purchases compulsory. Later, the deadline for the adoption of card tokens was extended by six months across the country, which is from 1 January 2022 to 1 July 2022.

It will be stored as an encrypted "token" that will assist the customers to make secure transactions. The token will allow transactions to be made without disclosing customer card details.

It is important to remember that from 1 July 2022, merchants will be forced to delete customers' debit and credit card data from their records. There are certain other points that everybody should know regarding card tokenisation.

New Debit Card Rules: Everything To Know About Card Tokenisation

The Reserve Bank of India (RBI) has not made the card tokenisation system mandatory for all the debit and credit card holders.

If a customer has not agreed to tokenisation of their debit/credit card, then the customer has to provide all card details like name, card number and card validity instead of entering the card verification value or CVV every time while opting for online payment.

The customers who are willing to tokenise their cards, have to enter the CVV or one-time password (OTP) details while doing the transaction.

It is crucial to take note that the tokenisation system is completely free and it provides a convenient payment experience along with securing one's card data. However, this is applicable for domestic online transactions only.

The Reserve Bank of India (RBI) has stated that the tokenisation request is done only with explicit customer consent through Additional Factor of Authentication (AFA). Nobody can force the customers to opt for it.

(At The Quint, we are answerable only to our audience. Play an active role in shaping our journalism by becoming a member. Because the truth is worth it.)

Speaking truth to power requires allies like you.
Become a Member
Read More