
The headline is kinda misleading. They can store credit card information, but they can only do that in tokenized format instead of the current way of storing. Tokenized format hides the number and other information, making it more secure. You can read more about it here https://www.thequint.com/explainers/rbi-allows-card-on-file-...



The token is a random number, so depending on context it's fair to say that the token is not credit card information.


Yes. But the reply above was regarding how recurring payments would work.


I'm not sure how that affects my reply.

To be clear, I am commenting on the difference between:

"Recurring payments work by storing credit card info in tokenized form, which is still allowed".

vs.

"Recurring payments work by storing a token instead of credit card information."

Those both answer the question, but they say different things on whether "credit card information" is stored. And they say different things about whether the headline is misleading.


To use card tokens for any kind of payment, you need to integrate with some kind of card data vault, which this rule seems to also prohibit. It seems to be instructing the card brands to issue unique tokens for every cardholder + merchant pair. No idea how that would work…


> To use card tokens for any kind of payment, you need to integrate with some kind of card data vault, which this rule seems to also prohibit.

Why would you need that?

The rule says nobody can store "actual card data".

If you're using the token for a new payment, you don't retrieve the card number, you use the token directly.

> It seems to be instructing the card brands to issue unique tokens for every cardholder + merchant pair. No idea how that would work…

Pick a random number and store it in a database with those two other fields...?


That number needs to be mapped to the PAN, and somebody has to have stored that PAN somewhere in order for it to be used to process payment. This rule says nobody other than the issuer and the card brands are allowed to store the PAN.


Sure, that's why you get the token from the issuer or card brand. That way there's only one entity that stores the PAN, and no third parties are storing it.

To quote the article linked above, "The central bank said the facility of tokenisation shall be offered by TSPs only for the cards issued by/affiliated to them."
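
The scheme discussed in this thread, sketched as an added example that is not part of any comment: a token service provider (issuer or card network) keeps the only PAN-to-token mapping, issues one random token per card + merchant pair, and refuses a token presented by any other merchant. The class, method names, merchant ids and the card number are all constructed for illustration.

```python
import secrets


class TokenServiceProvider:
    """Toy TSP (issuer or card network): the only party that stores PANs."""

    def __init__(self):
        self._by_token = {}  # token -> (pan, merchant_id)
        self._by_pair = {}   # (pan, merchant_id) -> token

    def tokenize(self, pan, merchant_id):
        """Return the token for this card + merchant pair, creating it if needed."""
        key = (pan, merchant_id)
        if key not in self._by_pair:
            token = secrets.token_hex(8)  # random, not derived from the PAN
            while token in self._by_token:  # regenerate on the rare collision
                token = secrets.token_hex(8)
            self._by_pair[key] = token
            self._by_token[token] = key
        return self._by_pair[key]

    def charge(self, token, merchant_id, amount):
        """Resolve the token inside the TSP; the merchant never sees the PAN."""
        entry = self._by_token.get(token)
        if entry is None:
            return "declined: unknown token"
        pan, bound_merchant = entry
        if bound_merchant != merchant_id:
            return "declined: token not issued to this merchant"
        return f"approved: {amount} on card ending {pan[-4:]}"


def demo():
    tsp = TokenServiceProvider()
    pan = "4111111111111111"  # constructed test number, not a real card
    token_a = tsp.tokenize(pan, "merchant-A")  # merchant A stores only this
    token_b = tsp.tokenize(pan, "merchant-B")
    return {
        "distinct_per_merchant": token_a != token_b,
        "stable_for_same_pair": tsp.tokenize(pan, "merchant-A") == token_a,
        "recurring_charge": tsp.charge(token_a, "merchant-A", 499),
        "token_used_elsewhere": tsp.charge(token_a, "merchant-B", 499),
    }


if __name__ == "__main__":
    for name, result in demo().items():
        print(name, "->", result)
```

A token copied out of merchant A's database is declined when presented by merchant B, which is the practical difference from storing the card number itself.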



