Introducing CCAvenue TokenPay: A multi-network
tokenisation solution
for secure payments
Continue offering your customers the convenience of a saved card transaction with enhanced security through multi-network tokenisation in line with the latest RBI guidelines on card storage.
CCAvenue Tokenisation
An end-to-end integrated solution for multiple networks
Multi-network
Token Requestor Multi-network Token Requestor
CCAvenue is a multi-network token requestor without the need for additional certification with individual schemes.
Single
Integration Single Integration
Enable token provisioning, token retrieval, token management and token processing through our unified platform without multiple integrations.
Multiple
Gateway Support Multiple Gateway Support
Use CCAvenue issued tokens to process transactions across multiple payment systems without any hassle.
Easily
Auto-enabled Easily Auto-enabled
Enable tokenisation without any integration changes for CCAvenue payment page and customised checkout pages.
Easy Recurring
Payments Easy Recurring Payments
Integrate with us and process token-based transactions across multiple payment gateways.
Scalable
APIs Scalable APIs
Automate and scale your operations with developer-friendly APIs.
How Token Provisioning Works?
How Token Provisioning Works?
Unlock the benefits of tokenisation
Strengthened Security
Enhances payment security by replacing customer card numbers with merchant specific unique irreversible Tokens, minimizing risk of card data leaks & frauds significantly.
Improved Success Rates
Enhances user experience and improves conversions by reducing abandoned carts and failure due to errors in manual card data inputs.
100% RBI Compliant
Continue offering the saved card experience by converting your customers' saved cards into secure tokens in compliance with the RBI guidelines.
Business Continuity
Ensure continuity for your business growth and payments without any disruptions or glitches.
Frequently Asked Questions
What is Tokenisation?
What is Tokenisation?
Tokenisation is the process of substituting the 16-digit sensitive static card number / original Primary Account Number (PAN) with a unique irreversible digital identifier known as a 'Token'. Tokenisation helps in strengthening security and allows customers to store their card details in a secure and compliant manner without compromising their sensitive data. Tokens further reduces the risk and impact of card data leaks and fraudulent activity.
What is the recent RBI guideline on card storage?
What is the recent RBI guideline on card storage?
The recent RBI guideline on Card-On-File Tokenisation (CoFT) (circular No. CO.DPSS.POLC.No.S-516/02-14-003/2021-22 dated 7th September 2021) prohibits online merchants, acquiring banks, and payment gateways/aggregators from storing customer card information on their servers. With effect from 1st January 2022, Card Networks and Card Issuers are the only entities permitted to store customers' card data and issue unique irreversible tokens to ensure secure encryption of the card information.
What is CCAvenue TokenPay?
What is CCAvenue TokenPay?
CCAvenue TokenPay is an end-to-end solution for merchants to allow their customers to continue saving cards via network issued tokens in compliance with RBI recommended framework. It is a multi-network tokenisation solution, which enables token provisioning, token retrieval, token management and token processing through a unified platform without multiple integration.
Why should businesses opt for CCAvenue TokenPay?
Why should businesses opt for CCAvenue TokenPay?
Businesses must opt for CCAvenue TokenPay to continue offering a quick checkout experience to their customers by converting their saved cards into secure network issued tokens as mandated by RBI. However, post 31st Dec 2021, businesses who have not implemented the tokenisation solution will no longer be able to offer a saved card experience on their checkout pages. Customers will have to enter complete card information for every transaction leading to poor user experience, lower conversions due to abandoned carts and failure due to errors in manual card data inputs.
Who can save cards as per the new guidelines?
Who can save cards as per the new guidelines?
As per the recent RBI guideline, Card networks & Card issuers are the only entities allowed to store customers' card data. Payment aggregators, payment gateways, acquiring banks and merchants can now only store a tokenized card.
Can businesses store Tokens instead of Cards?
Can businesses store Tokens instead of Cards?
Merchants who are using CCAvenue Vault to save their cards, can continue the same the tokens generated for the vault as before. However only PCI DSS compliant Merchants can store Network Tokens.
Will a token created for a customer card be unique for a business?
Will a token created for a customer card be unique for a business?
Yes, a token created for a customer card will always be unique to a business. A token generated on one merchant's website / app cannot be used on another merchant's website / app. This means, one customers' card will have multiple tokens generated for different businesses.
Is customer consent required for saving or creating a token?
Is customer consent required for saving or creating a token?
Yes, customer consent and an additional factor of authentication (AFA) is required for saving or creating a token.
Who can be a Token Requestor?
Who can be a Token Requestor?
CCAvenue can become a Token Requestor for a merchant. Merchants will integrate with CCAvenue TokenPay and CCAvenue would be integrating with all the networks (Visa, Mastercard, RuPay, American Express & Diners).

A business can also become a Token Requestor but they must be PCI DSS compliant and must undergo periodic audits. If a business wishes to connect directly to the networks as a Token Requestor, it entails integration and certification with each individual network. CCAvenue TokenPay can ease this process for the businesses by provisioning multi-network tokens through a single integration.
What are the benefits of tokenisation?
What are the benefits of tokenisation?
  • Protects customer's card data and strengthens payment security.
  • Minimizes the risk of card data leaks & frauds significantly with merchant specific unique irreversible Tokens.
  • Enhances the user experience by offering the saved card checkout through secure tokens.
  • Improves conversions by reducing abandoned carts and failure due to errors in manual card data inputs.
What information can businesses continue to store and display to the customers?
What information can businesses continue to store and display to the customers?
Businesses can continue to store the last 4 digits of the actual card number and issuing bank name. The same will be displayed to the customers.
How will tokenisation affect the customer checkout experience?
How will tokenisation affect the customer checkout experience?
The customer checkout experience will have minimal impact. All customers who have given consent to tokenise their cards will continue to have a seamless saved-card checkout experience by entering only their CVV. However, customers who choose not to tokenise their card, must manually enter their payment card information for every transaction.
Can CCAvenue issued tokens be used to process payments via other payment systems?
Can CCAvenue issued tokens be used to process payments via other payment systems?
Yes, CCAvenue issued tokens can be used to process payments across multiple Payment systems without any hassle. If a Business wishes to use CCAvenue to provision tokens for processing on other payment gateways this is also possible, but then the business must mandatorily be PCI compliant and must perform prescribed security audits. Also they would need to incorporate additional transaction level api calls for runtime security parameters.
What integration changes are required to be done as a CCAvenue merchant?
What integration changes are required to be done as a CCAvenue merchant?

Businesses using CCAvenue Payment Page, CCAvenue iFrame and Customised Checkout Pages can enable tokenisation without any integration effort. CCAvenue TokenPay has been auto-enabled for these businesses.

Merchants using seamless APIs for payment processing or recurring payments or CCAvenue vault can continue to use the current apis for and the network tokenisation for saved cards will be seamlessly handled at the CCAvenue end.

Simple pricing, no hidden charges
CCAvenue TokenPay is available to CCAvenue merchants at a nominal pricing without any hidden charges
One-Time Setup Fee
Waived off till 31st March, 2022
 20,000*
Token
Provisioning / Migration / Deletion
 1.25*
Token
Cryptogram
 0.20*
* Taxes as applicable will be levied
Please note that pricing may be revised later