The RBI has implemented new rules for online payments on debit card and credit cards which have come into effect from October 1st. These regulations aim to make online transactions safer and easier. These include tokenization of transactions, the card issuer seeking a one time password to activate the card, and permission to alter credit card limits.

Let us look at these New Credit Card rules in detail and how they will affect you. 

Rule 1: Approval Is Required To Change Credit Card Limit

Previously, the credit limit on your card could be automatically increased. Individuals used to receive only messages about credit limit increases. While this may seem like something nice, it is not since it will impact your CIBILTM score negatively., According to the new RBI rule, after October 1st 2022, the credit limit cannot be increased automatically just like that. The credit card issuer must get the permission of the credit card holder for changing the credit card limit. He must take his written consent. 

Rule 2: Credit Card Tokenization

According to the new RBI rule, you don't have to enter the 16 digit card number on your credit card or debit card for online transactions. The number will be encrypted into a non-sensitive token number. It is also not required to enter names, CVV numbers, and expiry dates on cards. Earlier, these details were saved by websites when transactions were made online. When the website was hacked, the card information would leak and be misused. Third-party payment apps used card details to transfer payments from banks to platforms.

The new rule will prevent any form of misuse and has been effective from October 1st 2022.

How to get a token?

  • The customer must click on “secure your card as per RBI guidelines” after he/she enters all the card details for a transaction. 

  • Post this, the merchant will request the operating bank to generate a unique token for the transaction. 

  • Once the bank consents, the merchant will send the request to the card network.   

  • The customer will get an OTP on his or her mobile or email from the card issuer. 

  • The Customer has to enter this OTP on the bank’s page. 

  • Then, the token will be generated. 

  • The same token will be mailed to the merchant. He can save it with the customer’s phone and email id in case the transaction encounters some technical issues. 

Rule 3: Card-Issuers to Seek One Time Password (OTP)

Previously, credit cards used to be activated without the knowledge of the cardholder, and he used to be charged. With the implementation of the new rule, whenever a cardholder has not activated the card for more than 30 days, the issuer has to get a one-time password from the cardholder. Also, if the cardholder does not wish to activate the card, the issuer must deactivate the card within 7 days without levying any additional fees.  

Conclusion

The three new rules introduced by RBI will affect credit card payments online in a positive way by increasing safety and convenience. 

FAQS New Credit Card Rules From 1 October, And How They Affect You

1:Is card tokenization mandatory?

Tokenization is not compulsory. Those who don’t want to do tokenization can carry out their transactions manually by entering all the card details. But tokenization is safe. So, it is good to utilize this. 

2:What must NBFCs do to issue credit cards?

NBFCs can  issue debit cards, credit cards, charge cards, or similar products virtually or physically only by getting the approval of the RBI. While updating the master direction on credit and debit cards, RBI has stated this.