TestCloud
Prep • Practice • Perform
Log In

New RBI guidelines on credit card tokenization come into effect

Banking & Finance | Dated: 01 Nov 2025

New guidelines from the Reserve Bank of India (RBI) regarding credit card tokenization came into effect on November 1, 2025. Under these rules, merchants can no longer store customers' full credit card details (Card-on-File). Instead, they must use an encrypted "token" for processing online payments, a move aimed at enhancing consumer data security.

🎯 Key Highlights:

  • Tokenization replaces sensitive card details with a unique algorithm-generated string called a "token".
  • This rule prevents online merchants from storing the 16-digit card number, expiry date, and CVV.
  • This enhances security as the actual card data is not exposed during a transaction breach.

💡 Other Important Facts:

  • The deadline for implementation was extended multiple times to allow merchants and payment gateways to comply.
  • This applies to all entities in the payment chain, including payment aggregators and gateways.
  • Customers must give explicit consent to create a token for their card on a merchant's website.

📚 Test Your Knowledge:

As per new RBI rules, what will merchants use instead of actual credit card details for online payments?

Correct Answer: Token

🚀 Quick Recap:

About RBI

  • (i) Full Form: Reserve Bank of India (ii) Headquarters: Mumbai (iii) Governor: Shaktikanta Das (iv) Established: 1 April 1935.