PaymentsJournal
No Result
View All Result
SIGN UP
  • Commercial
  • Credit
  • Debit
  • Digital Assets & Crypto
  • Digital Banking
  • Emerging Payments
  • Fraud & Security
  • Merchant
  • Prepaid
PaymentsJournal
  • Commercial
  • Credit
  • Debit
  • Digital Assets & Crypto
  • Digital Banking
  • Emerging Payments
  • Fraud & Security
  • Merchant
  • Prepaid
No Result
View All Result
PaymentsJournal
No Result
View All Result

Secure Tokenization: How and Why

By Don Apgar
January 5, 2022
in Analysts Coverage, Fraud & Security, Tokenization
0
0
SHARES
0
VIEWS
Share on LinkedIn
mobile payments, UnionPay mobile payments

The Reserve Bank of India (RBI) continues to be proactive in regulating card-based transactions to ensure the consumer confidence in security and utility is protected as the country approaches what experts have described as a digital tipping point. The RBI has issued guidance requiring that all card transactions be tokenized beginning Jan 1 of this year, both for POS transactions and card-on-file (COF) or subscription sales. Tokenization is the process of replacing the user’s card credentials with a substitute number generated by a secure algorithm. The token by itself is valueless, so if a merchant’s system is hacked, the only payment data exposed are tokens, not actual card credentials that can be used by fraudsters or sold on the dark web. 

The process of tokenization happens inside what’s called a token vault, where the tokenization algorithm is stored, and the only place where a token can be exchanged for the Primary Account Number (PAN). Both card issuers and merchant processors operate token vaults that address different use cases for card security. In the case of digital wallet transactions like ApplePay or GooglePay, the user’s card credentials are stored in the digital wallet or on the mobile device as a token, which is then is sent to the point-of-sale (POS) terminal via NFC. The merchant processor then routes that transaction to the Apple token vault to exchange the token for the PAN that can then be routed to the card issuer for authorization. NFC-enabled cards work similarly, with those tokens managed by the card issuers directly. In the case of recurring or COF transactions where the user has supplied their PAN credentials to the merchant, the initial transaction is tokenized by the merchant processor and the token returned to the merchant for storage. When the merchant presents the token on subsequent transactions, the processor runs it through their token vault to retrieve the PAN that can be sent to the issuer for authorization.

This rule from the RBI follows guidance issued last year requiring merchants to obtain the user’s approval before every recurring charge is billed. Consumers signing up for a monthly subscription must be contacted every month for their approval to process the current month’s charges.

Overview by Don Apgar, Director, Merchant Services Advisory Practice at Mercator Advisory Group

0
SHARES
0
VIEWS
Share on LinkedIn
Tags: CoFMerchantPOSSecure PaymentsSecurityTokenTokenization

    Get the Latest News and Insights Delivered Daily

    Subscribe to the PaymentsJournal Newsletter for exclusive insight and data from Javelin Strategy & Research analysts and industry professionals.

    Must Reads

    Merchants Real-Time Payments, swipe fees, BNPL

    How Software Turned Payments Into a Seamless Part of Commerce

    July 10, 2026
    credit union data, credit union technology

    Inside the Tech Shift Redefining How Credit Unions Operate

    July 9, 2026
    embedded payments

    What Embedded Payments Can Solve for Small Businesses

    July 8, 2026
    apple tap to pay

    Build Momentum Behind Zelle for Business

    July 7, 2026
    Accredited Payments Risk Professional

    The Growing Importance of Payments Risk Expertise

    July 6, 2026
    account aggregation

    The Dilemma Facing Financial Institutions: Aggregate or Be Aggregated

    July 2, 2026
    contactless payments

    Wherever There’s Friction, Contactless Payments Can Help

    July 1, 2026
    gift card strategy, gift card trends

    How Cautionary Spending Is Fueling Gift Card Purchases

    June 30, 2026

    Linkedin-in X-twitter
    • Commercial
    • Credit
    • Debit
    • Digital Assets & Crypto
    • Digital Banking
    • Commercial
    • Credit
    • Debit
    • Digital Assets & Crypto
    • Digital Banking
    • Emerging Payments
    • Fraud & Security
    • Merchant
    • Prepaid
    • Emerging Payments
    • Fraud & Security
    • Merchant
    • Prepaid
    • About Us
    • Advertise With Us
    • Sign Up for Our Newsletter
    • About Us
    • Advertise With Us
    • Sign Up for Our Newsletter

    ©2026 PaymentsJournal.com |  Terms of Use | Privacy Policy

    • Commercial Payments
    • Credit
    • Debit
    • Digital Assets & Crypto
    • Emerging Payments
    • Fraud & Security
    • Merchant
    • Prepaid
    No Result
    View All Result