HomeCredit CardsCard-based Tokenization – 6 Steps to Tokenise Card and Stay Safe with...

Card-based Tokenization – 6 Steps to Tokenise Card and Stay Safe with Fraud

Card-based tokenization is one of the best ways to stay safe from online fraud. It is seen that online fraud is growing and one solution suggested by RBI to overcome this is Card based on tokenization. This facility is also known as CoFT – Card on File Tokenization. 

In this post, I will cover complete details about Card based tokenization and its benefits.

What is Card-Based Tokenisation?

Tokenisation refers to the replacement of actual card details with an alternate code called the “token”, which shall be unique for a combination of cards, token requestor (i.e. the entity which accepts a request from the customer for tokenization of a card, and passes it on to the card network to issue a corresponding token) and device (referred hereafter as “identified device”).

This means your actual card details would not be passed only the token would be passed to the requestor. Conversion of the token back to actual card details is known as de-tokenization.

Why Card Tokenization – What are the benefits of tokenisation?

A tokenized card transaction is considered safer as the actual card details are not shared with the merchant during transaction processing. This means it is a completely safe transaction.

#1 This type of online transaction are safe from fraud as intruder or hacker can not get actual card information.

#2 In this method, actual card data, tokens, and other relevant details are stored in a secure mode by authorized card networks. A token requestor cannot store Primary Account Number (PAN), i.e., card number, or any other card detail. Card networks are also mandated to get the token requestor certified for safety and security that conforms to international best practices / globally accepted standards.

#3 Card Details can not be saved by merchant online. The different token is required for different platform.

Tokenisation has been allowed through mobile phones and/or tablets for all use cases/channels (e.g., contactless card transactions, payments through QR codes, apps, etc.)

How can tokenization be carried?

Step 1 – The cardholder can get the card tokenised by initiating a request on the website/app provided by the token requestor and any such similar facility provided by the merchant. 

Step 2 – The token requestor/merchant will forward the request directly to the Bank which issued the applicable credit card or to Visa / Mastercard / American Express, with the consent of the card issuing Bank. 

Step 3 – The party receiving the request from the Token requester, will issue a token corresponding to the combination of the card, the token requestor, and the merchant.

This is a free service and the customer need not pay any charges for availing this service.

6 Steps to Tokenise your Debit/Credit card 

Here are 6 simple steps suggested by RBI to Tokenise your Debit or Credit card while doing a transaction.

Card-based Tokenization

#1 Start

Visit any e-commerce/merchant website or application to make a purchase and start a payment transaction.

#2 Choose Your Card

During checkout enter your debit card or credit card details. Alternatively, select your preferred bank’s debit card or credit card saved earlier as a payment method on the platform.

#3 Secure Your Card

Select option “Secure your card as per RBI guideline” or “tokenize your card as per RBI Guideline”

#4 Give Consent to Create Token 

Enter OTP sent to your mobile phone number or email by your bank and complete the transaction.

#5 Generate Token

Your token is generated and saved in the platform instead of actual card details.

#6 Tokenised 

When you visit the same website or application again, the last four digits of your card are displayed to help you identify your card for doing the payment. Tokenised.

Over to You

Do you think CoFT – A card-based token facility introduced by RBI is safe and reliable? Do you use this facility for securing transactions?

If you are not using this facility, it is advisable to use this facility to secure your card details and transaction. 



Shitanshu Kapadia
Shitanshu Kapadia
Hi, I am Shitanshu founder of moneyexcel.com. I am engaged in blogging & Digital Marketing for 10 years. The purpose of this blog is to share my experience, knowledge and help people in managing money.