Banking

Mastercard Enables CVC-Less Payments For Tokenised Cards in India

Mastercard has introduced a frictionless payment experience with enhanced security on credit and debit cards in India. The CVC-less payments for tokenised cards will reduce the checkout time and make virtual transactions hassle-free and more secure

Mastercard Enables CVC-Less Payments For Tokenised Cards in India
info_icon

Mastercard on August 3, 2023 announced the introduction of cardholder verification code (CVC)-less online transactions for its debit and credit cardholders who have tokenised their cards on merchant platforms in India. 

The move aims to reduce the checkout time and make virtual transactions hassle-free and more secure, Mastercard said in a press release. 

CVC is a three-digit number printed on the back of debit and credit cards. According to the Reserve Bank of India’s (RBI’s) tokenisation guidelines, merchants who adopt tokenised payments will collect CVC only once, which is while tokenising the card. 

From the second transaction onwards, cardholders will be required to select their tokenised card from the checkout page, confirm the one-time password (OTP) and complete the transaction without keying in the CVC. 

According to Mastercard, several e-commerce players have already adopted CVC-less payments. 

“By eliminating the need for CVC, merchants can expect benefits like higher authorisation rates, reduced checkout abandonment, and enhanced customer payment experience,” Mastercard said in its release.

According to Mastercard, the new token-based transactions will leverage three key factors that will ensure a high degree of safety and security. These include:

Enhanced Security Features: Token-based transactions are inherently more secure as they involve a token expiry and a dynamic cryptogram, thus ensuring additional protection against fraud.

Authenticated User Identity Check: Payments made using an OTP or additional factor authentication (AFA) will ensure that only authorised users can complete the transactions.

Domain Control: Transactions based on tokens are domain-controlled as only the token requestor can seek a cryptogram, thus ensuring a secure and controlled transaction environment.

Anubhav Gupta, senior vice president, South Asia, Mastercard, said in a statement: “Mastercard is committed to delivering innovative and secure payment solutions that protect both merchants and consumers. Besides enhanced data security, CVC-less payments on tokenised cards come with benefits that make the online domestic card payment experience smoother and safer.” 

Akash Sinha, CEO and co-founder, Cashfree Payments said they are excited to introduce CVC-free payments, which will reduce friction for cardholders, and also align their payment experience with other popular modes like UPI Intent. 

Akshant Goyal, CFO, Zomato, added: “CVC-less payments have indeed enabled quicker completion of transactions and enhanced convenience for our customers, without compromising on the security of payments.”