Case study · RAZORPAY · 2022
Saved Cards Portal
An online portal that gives users one place to see and control every card saved across merchants.
Context
Razorpay powers payments for millions of Indian businesses, so a single shopper ends up with their card saved across dozens of merchants they may not even remember. With the RBI's card‑tokenization mandate approaching, how cards are stored, surfaced, and consented was about to change for the entire ecosystem.
Problem
Users had no single place to see which cards were saved where, and no easy way to take it back. That created a real trust gap and compliance issues:
- No visibility. Cards were saved silently at checkout, users couldn't see the full picture across merchants.
- No control. Removing a saved card through each merchant individually was not possible.
- Regulation incoming. Tokenization and explicit consent were becoming mandatory, and the current experience met neither.
Challenges
- Security vs. clarity. Showing enough for a user to recognise a card, without exposing sensitive data, meant careful choices about masking and labelling.
- Cross‑merchant complexity. Users' saved cards and merchants had many‑to‑many mapping. So the cards and merchants had to read as one coherent, trustworthy list, not a confusing pile of duplicates.
Solution
I owned the end‑to‑end designs, user flows, information architecture, final UI. Users didn't fear saving cards, they feared not being able to undo it. That reframed the goal from "meet the mandate" to "make saved cards feel like something the user owns." Finally, I shipped;
- One place for every card. A single portal lists every saved card with the merchants it is saved at.
- Control in one tap. Clear card / website selection and delete actions, with simple explanations of what it does.
- Tokenization, made legible. Consent and tokenization are framed as user benefits and safer cards.
Impact
The portal shipped fully compliant with the RBI tokenization mandate while giving users a single place to see and control their saved cards. Card‑save opt‑in rose, saved‑card support tickets dropped, and millions of cards were brought under clear user control.
Reflection
What I'd do differently: we framed the portal as a compliance deliverable first and a user benefit second. Leading with the trust story, "see and control your cards", from day one would have aligned stakeholders faster and shaped a sharper product.
Go deeper
See the live experience and the card control and management flows. If you have ever saved cards during Razorpay checkout, you'll find them here.