BRC

Alt ID Solution for Guest Checkout Transactions


In the world of global e-commerce, we often store our card details with various merchants for future transactions, making life more convenient. However, this practice comes with risks, as having our card information stored in multiple places increases the chances of it being stolen or misused.

To address this concern in the Indian sub-continent, the Reserve Bank of India (RBI) mandated a solution called tokenization for all Indian merchants, processors and acquirers. This process replaces actual card details with a unique code known as a "token". This token is specific to a combination of a payment card, the requesting entity (like a merchant), and the tokenization service provider

In September 2021, the RBI issued a circular instructing that only card issuers and card networks should store actual card data. Any other entities involved in the payment chain must purge this data. They can, however, retain limited information, such as the last four digits of the card number and the card issuer's name, for transaction tracking and reconciliation purposes.

Despite these regulations, one issue remained for Guest Checkout transactions. These transactions occur when cardholders manually input their card details during a purchase. For these transactions, follow-on transactions such as refunds and payment captures require payment card data which, accordingly to RBI guidelines, must be purged. And a token could not solve this problem as token is only requested when a customer offers their consent to tokenize their information. Recognizing this gap, the Reserve Bank of India (RBI) urged all payment networks to develop a solution for implementing tokenization services specifically for guest checkout transactions.

Because user consent wasn't obtained for tokenizing these cards, and entities are no longer allowed to store all card details, managing post-transaction activities (like chargeback handling, refunds and settlement) for guest checkout transactions becomes tricky. Previously, such activities relied on the stored Card-on-File (CoF) data, which is now prohibited for entities other than card issuers and networks.

One solution emerging to address this challenge is Alternate IDs (Alt IDs). This works by tokenizing guest checkout transactions, replacing the actual card number with a unique token provided by the payment networks. This way, sensitive card data remains secure and protected from exposure, aligning with the RBI's mandate and ensuring safer transactions for all parties involved. Indian Merchants and Payment Service Providers (PSPs) are mandated to process domestic guest checkout transaction via Alt IDs

PayGlocal , through our connection with the card networks, now supports Alt IDs provisioning and transaction processing as a unified solution. All merchants integrated with PayGlocal will have access to this feature by default for India issued payment card transactions.

Transaction flow:

alt-id-flowchart
  1. The customer enters their card details on the merchant's payment page and begins the payment process.
  2. The merchant sends these details to PayGlocal, the Token requester.
  3. PayGlocal forwards the Alt ID generation request to the relevant card network.
  4. The card network responds by providing a card-specific Alt ID along with issuer approval and a transaction-specific cryptogram to PayGlocal.
  5. PayGlocal then initiates the transaction using the Alt ID for further processing.

Benefits:

Alt ID offers several advantages for both merchants and end-customers, similar to a card-on-file tokenization solution:

  1. Merchants can smoothly transition their customers to the Alt ID solution without requiring any changes.
  2. The solution provides a secure option for cardholders who prefer not to save their cards with merchants and wish to avoid signup processes
  3. By integrating with PayGlocal for the Alt ID solution, merchants can ensure compliance with RBI guidelines.

menu-close
PayGlocal receives the final authorization from Reserve Bank of India (RBI) to operate as an online Payment Aggregator!
We're thrilled to share that PayGlocal has received final authorization from the Reserve Bank of India to operate as an online Payment Aggregator!πŸŽ‰
This achievement marks a significant step forward in our mission to deliver secure, seamless, and innovative payment solutions for businesses across India. Our dedicated team has worked relentlessly to make this vision a reality, enabling merchants to expand their horizons and embrace global commerce with confidence.
We also extend our sincere thanks to the Reserve Bank of India for their trust and support in this journey, helping us build a robust and compliant payment ecosystem.
A heartfelt thank you to our merchants, partners, and everyone who has been part of this journey. Your support is the driving force behind our success, and together, we're just getting started! 🌟Here's to empowering businesses, fostering growth, and shaping the future of global payments! 🌍