RBI gives companies six months more to stop storing your card details

Mumbai: The Reserve Bank of India has postponed the implementation of new rules for payment gateways and online merchants that would prohibit them from storing customers’ card details. Most banks are not ready to implement the new rules, which were set to kick in from July 2021. They will now come into force in January 2022.

The central bank said it extended the deadline to allow banks and other stakeholders to make alternate arrangements such as tokenisation to minimise inconvenience to customers.

Liking this story?

Get one mail covering top tech news of the day in under 5 minutes!

Thank you for subscribing to Tech Top 5

We’ll soon meet in your inbox.

Please wait…

“Based on the representations received from the industry seeking additional time for implementing the above instructions, it has been decided, as a one-time measure, to extend the timeline for non-bank PAs by six months, i.e., till December 31, 2021, to enable the payment system providers and participants to put in place workable solutions, such as tokenisation, within the framework set out,” the RBI said in a circular issued on Tuesday.

Tokenisation refers to the replacement of actual card details with a unique alternate code called a token. The use of the technology will be subject to consent of both the user and the card provider.

The RBI’s guidelines for payment gateways and payment aggregators, introduced in March 2020, barred merchants from storing “customer card and related data” on their servers. The guidelines also barred payment aggregators from storing customer card credentials on their databases or on servers accessed by the merchant.

Industry experts said that not allowing merchants to store card data will not only inconvenience customers but also disrupt the digital payments ecosystem and lead to system fragility issues. Accordingly, several top merchants including Amazon, Netflix, Microsoft, Flipkart and Zomato had reached out to the RBI for an extension in February.

However, the RBI at the time rejected the demand of these merchants to defer the rule. Experts said that if these rules were enforced in their current form, customers would see increased friction in subscription-based services, which require companies to store card data so they can bill consumers on a recurring basis. Without this data, merchants will have to ask customers for their card information in every billing cycle, causing inconvenience to customers and disrupting businesses.

But, the experts added, tokenisation would allow banks and merchants to bypass this friction. Most lenders are learnt to be in advanced stages of testing this technology for mass adoption.

Source link

Leave a Reply

Your email address will not be published. Required fields are marked *