With online shopping becoming more and more popular, the incidence of online payments via credit and debit cards has never been higher. But then there are things that we will still need cash for, so ATM transactions are also important. RBI has made announcements recently and here’s what we need to know about changes made to ATM rules and to online payments made via credit and debit cards.
Customers are permitted to make five transactions free of charge each month from their own bank’s ATM. We can also withdraw cash from the ATMs of other banks thrice a month in metros and five times each month in non-metros. If there are transactions over and above than the permitted free withdrawal (and ATM actions), customers will be charged Rs. 21 per transaction.
The rules are also applicable for Cash Recycler Machines, which is an advanced type of ATM machine that handles both withdrawals and deposits as well. In this machine, the bank notes are put into a feeder that counts notes, identifies their denomination and also checks for counterfeit notes. The notes are then sorted and dispensed to those making withdrawals. This recycler machine will also update debits and credits to customer accounts instantly. PAN verified accounts can deposit up to Rs. 2 lakh per day.
There will be an added layer of security added to credit and debit card payments made online, i.e. tokenization. Starting 1 January 2022, online stores and payment aggregators will not be allowed to store these card details on their database. The card info such as card number and name of holder, CVV etc. will be transformed into a token, or a randomly generated number. Access to the saved info will be via this tokenization process.
According to the RBI update, the customer needs to “provide a one-time consent via OTP and undertake a transaction to tokenize their credit/debit card for the first time.” this is something called COFT or Card on File Tokenization which is meant to “improve customer data security and offer them the same degree of convenience as now.” This move is meant to allay apprehensions of incidents such as data theft or the breach of sensitive information stored on various merchant sites.
Merchants are worried that this will result in revenue losses of 20 to 40% and have requested RBI to extend the 1 January deadline. There is the apprehension that there could be disruptions because the merchants may not be able to put into place the three step process required for this.
As of now it is not clear what consumers will have to do or what will change given these new rules issued by the RBI. Card data storing on UPI systems such as Google pay will also be impacted until tokenization is complete. However it is not clear whether payments made directly from bank accounts linked to UPI will also be impacted.
Do you have something interesting you would like to share? Write to us at [email protected]
