If you are a merchant who already PCI/DSS compliant, here is what you need to do to stay RBI compliant,

  • Merchants who were saving the card number on their own servers, will also have to either integrate with individual card schemes and become a token requestor themselves or integrate with Token Vault where Cashfree Payments will be a token requestor on merchant’s behalf.
  • PCI/DSS compliant merchants have to delete the already saved cards with them as RBI does not allow bulk tokenization of cards.