Device Tokenisation is Introduced by PhonePe for Secure Card Payments

Nitin Konde, Varun Bhardwaj

18 Feb 2025 — 2 min read

PhonePe Launches Device Tokenisation for Secure Card Payments

The largest digital payments provider in India, PhonePe, on 17 February, announced the release of PhonePe SafeCard, a tokenisation solution for credit and debit card transactions conducted online. Both PhonePe customers and merchant partners will be able to continue enjoying the ease of stored card transactions with enhanced security and in accordance with the new RBI rules thanks to this solution.

Every major card network, including Visa, RuPay, and Mastercard, is supported by this solution. By transforming private cardholder information into a token—a string of randomly generated numbers—tokenisation gives users an extra degree of security. To tokenise their debit and/or credit card for the first time, a client only needs to complete a transaction and give their one-time approval via OTP. Users will be able to use their saved card information for smooth transactions throughout the PhonePe ecosystem thanks to this capability.

SafeCard the Real Game Changer

Through a straightforward Application Programming Interface (API) integration, SafeCard will also allow PhonePe merchant partners to offer and utilise tokenisation on their own platforms. With the approval of customers, merchant partners can use this solution to generate, process, remove, and alter tokens for online card payments. In addition to guaranteeing complete compliance with RBI regulations, this will save the merchant partners a great deal of time and effort by eliminating the need to integrate with numerous card networks.

The RBI's new regulation requiring tokenisation is progressive and timely for the Indian digital payments ecosystem, according to Ankit Gaur, Director of Online Business at PhonePe, who spoke about the launch. With the extra security that tokenisation offers, this will enable the ongoing expansion of digital payments. Importantly, PhonePe SafeCard makes sure that the enhanced security has no negative effects on the clientele's experience. In order to get our sizable merchant base active on this platform, we are also collaborating closely with them.

Moving Away From Account Aggregator Business

About two years after obtaining its NBFC-AA licence, Walmart-owned PhonePe stated on 7 February that it was leaving the account aggregator (AA) industry and turning it over to the RBI. Financial information providers (FIPs) send their consumers' financial data to financial information users (FIUs) through account aggregators, which are non-banking financial corporations (NBFCs).

The largest fintech company in India said that its decision to leave the AA industry was due to the competing nature of its priorities, which prevented it from onboarding as many FIPs as it "would have liked." "We have started to wind down our AA operations and have chosen to turn over our NBFC-AA licence to the RBI." In a statement, the business added, "We will be contacting our AA user base soon to let them know about our decision and to assist them in accordance with regulatory guidelines."