Ans. No, a customer can choose whether or not to let his / her card tokenised.

Ans. Customers have the option to register / de-register their card for a particular use case, i.e., contactless, QR code based, in-app payments, etc.

Ans. The registration for a tokenisation request is done only with explicit customer consent through Additional Factor of Authentication (AFA), and not by way of a forced / default / automatic selection of check box, radio button, etc. Customer will also be given choice of selecting the use case and setting-up of limits.

Ans. Customers have the option to set and modify per transaction and daily transaction limits for tokenised card transactions.

Ans. A customer can request for tokenisation of any number of cards. For performing a transaction, the customer shall be free to use any of the cards registered with the token requestor app.

Ans. For performing any transaction, the customer shall be free to use any of the cards registered with the token requestor app.

Ans. A customer can request for tokenisation of his / her card on any number of devices.

Ans. All complaints should be made to the card issuers. Card issuers shall ensure easy access to customers for reporting loss of “identified device” or any other such event which may expose tokens to unauthorised usage.

Ans. Based on risk perception, etc., card issuers may decide whether to allow cards issued by them to be registered by a token requestor.

Ans. More information can be found in the following circulars issued by RBI - DPSS.CO.PD No.1463/02.14.003/2018-19 dated January 8, 2019, CO.DPSS.POLC.No.S-469/02-14-003/2021-22 dated August 25, 2021 and CO.DPSS.POLC.No.S-516/02-14-003/2021-22 dated September 07, 2021.