IAS Gyan

Daily News Analysis


28th December, 2023 Economy


Copyright infringement not intended

Picture Courtesy: razorpay.com

Context: The Reserve Bank of India (RBI) has expanded the scope of Card-on-File Tokenization (CoFT) to include debit card issuing banks. This move aims to enhance security and convenience for users opting for digital payments.


  • CoFT, or Card-on-File Tokenization, is a security measure introduced by the RBI to protect users' financial data during digital transactions. Instead of storing actual card details, a unique token is created and used for transactions with merchants, safeguarding sensitive financial information.

Expansion of CoFT Scope

  • Service Expansion: CoFT was previously facilitated through merchants. Now, RBI's notification allows CoFT to be enabled directly through card-issuing banks and institutions.
  • Token Generation: Cardholders can generate CoFT tokens using mobile banking and Internet banking channels.
  • Customer Consent: Tokens can only be generated with explicit customer consent and validation through Additional Factor Authentication (AFA).
  • Flexibility for Cardholders: Cardholders can tokenize their cards at their convenience, either upon receiving a new card or at a later stage. They can also select the merchants they wish to maintain tokens with.
  • Token Issuance: The issued card token maybe by the card network, the issuer, or both.

Purpose and Impact

  • Enhanced Security: CoFT ensures the safety and security of card data by replacing actual card details with unique tokens, minimizing vulnerabilities and potential breaches.
  • Transaction Volume: Since its introduction in October 2022, over 56 crore tokens have been created, facilitating transactions valued at over ₹5 lakh crore. This indicates a substantial adoption and usage of CoFT within a relatively short period.


  • CoFT serves as a protective measure for users' financial data while maintaining the convenience of card transactions. The recent expansion of CoFT to include debit card issuing banks aims to further bolster security and streamline the process for cardholders engaging in digital transactions.

Must Read Articles:

Card-on-File Tokenisation (CoFT): https://www.iasgyan.in/daily-current-affairs/card-on-file-tokenisation#:~:text=Context%3A%20The%20Reserve%20Bank%20of,using%20various%20e%2Dcommerce%20applications.


Q. How does Card-on-File Tokenization (CoFT) enhance the security of online transactions, and what role does it play in facilitating recurring payments for digital services and e-commerce platforms?