Having failed to upgrade their systems to comply with new RBI rules, banks, card companies and online vendors will have to depend on a single company to process recurring payments for the next few months. Expect problems.
Also in today’s letter:
📲 RBI responds to data hacks
💊 Pharma majors plan online foray
🤳 ‘Feed the trolls’ to ‘bleed the trolls’
One gateway to rule them all
Online payment gateway BillDesk will enjoy a virtual monopoly on processing recurring payments over the next few months.
Why’s that? The Reserve Bank of India had given banks, card networks and online vendors until March 31 to comply with new rules, including mandatory two-factor authentication, for customers’ recurring payments through debit and credit cards.
- The new rules require these entities to send customers a notification one to five days before their recurring payment is due, with an option to opt out of the transaction. For recurring payments of over Rs 5,000, banks will also need to send customers a one-time password.
- Major banks and vendors weren’t ready for the changes and had sought more time, but the RBI refused.
Solution: BillDesk’s readymade platform Standing Instructions (SI) Hub, which it built last year with Visa, will come in handy for banks and others looking for a readymade alternative that doesn’t require them to revamp their own systems.
- “Nearly all leading banks, including HDFC Bank, ICICI Bank, Axis Bank and State Bank of India, are in the process of enrolling on SI Hub in the absence of an alternative,” a source said.
Yes, but: Even with BillDesk’s SI Hub, most autopay transactions are expected to fail in the first couple of weeks as banks are not ready to go live on the platform immediately.
Windfall: BillDesk is expected to charge a processing fee of Rs 1.50 to Rs 3 per transaction.
- “Over Rs 2,000 crore worth of recurring transactions are processed through SI mandate on cards. No other payment aggregator or bank in India has built a platform like SI Hub, which means BillDesk will have a near-monopoly in processing recurring payments for at least the next few months till alternatives emerge,” the source added.
Costly delay: The RBI first announced the new rules for processing recurring payments in August 2019. But most banks have not updated their systems yet “as the design flow is complex,” industry insiders told us.
Payment data hacks prompt new RBI rule
After a slew of cybersecurity breaches at Indian startups over the past few months, the RBI has tightened its rules for payment companies and how they store customers’ data.
Compliance certificates: From April 1, all licensed payment system operators will have to submit detailed ‘compliance certificates’ to the central bank twice a year.
- These must be signed by their CEOs or managing directors and confirm that the company has complied with all RBI rules on the storage and security of payments data.
- The RBI wants these certificates to be submitted on April 30 and October 31 every year for the period ending March 31 and September 30, respectively.
This is in addition to rules that the RBI issued in April of 2018, which required all payment system operators to submit:
- A board-approved annual system audit report (SAR) by CERT-empaneled auditors.
- A one-time report stating that the company is in compliance with the RBI’s data localisation rules, which say that the payments data of Indians and Indian companies should be stored on servers located in India.
Here a hack, there a hack: We reported yesterday that several independent cybersecurity researchers have said that the personal data of over 10 crore customers of wallet firm Mobikwik is being sold on the dark web. But the company claimed the data did not come from its servers, calling the researchers “media-crazed” and accusing them of presenting “concocted files” as evidence.
- After an attack on payment aggregator Juspay in January, the data of over 10 crore customers was allegedly leaked and sold on the dark web for just $6,000 (Rs 4.4 lakh) in bitcoins.
- The data of 90 lakh card users was leaked after separate attacks on the servers of Noida-based e-marketplace ClickIndia and Gurugram-based neobank Chqbook earlier this year.
Tweet of the day
Pharma majors plan online foray
India’s top pharmaceutical firms including Sun Pharma, Cadila Healthcare, Lupin and Torrent Pharma are likely to band together to acquire business-to-business healthcare platform Pharmarack.
According to regulatory filings, each company has invested Rs 40 crore for a 20% stake in a newly formed venture that will acquire Pune-based Pharmarack.
Why it matters: The digital platform, which has onboarded as many as 3,000-4,000 pharma distributors and 100,000 retailers, will provide the technological backbone the pharma companies need as they look to build their own online business-to-business marketplace and eventually an online pharmacy.
- The consortium has appointed KPMG to draw up a strategy to build an online pharmacy to compete with Reliance-owned Netmeds; 1mg, which is being acquired by the Tata Group; Prosus-backed Pharmeasy; Amazon and Apollo Pharmacy.
The online pharmacy sector has clocked massive growth during the Covid-19 pandemic. According to Frost & Sullivan, e-pharmacies made inroads into about 9 million households in the country due to the lockdown, and are is expected to reach 70 million households by 2025. Before the pandemic, only 3.5 million households had used e-pharmacies.
India freezes ByteDance’s bank accounts
The government has frozen the bank accounts of TikTok’s parent company ByteDance on tax evasion concerns.
Why it matters: The development comes two months after the government permanently banned TikTok, leading to the shutting down of its India operations. ByteDance has contested the ban in a Mumbai court, arguing that the decision is an abuse of the legal process and will make it harder for it to pay salaries and taxes, Reuters reported on Tuesday.
Two of ByteDance India’s bank accounts — with Citibank and HSBC — were blocked by the authorities for alleged evasion of certain taxes in online advertising dealings between its India unit and TikTok Pte Ltd — its parent entity in Singapore, Reuters reported, citing sources.
ByteDance still has around 1,300 employees in India, most of whom service its overseas operations and moderate content.
Top women creators’ new mantra: bleed the trolls
It’s hard for anyone to escape trolling on the internet, but the extent and nature of hate gets disturbingly heightened when directed at women.
Body-shaming is probably the worst a troll can do to most male creators. But for women creators, it is common to receive abusive sexual remarks, including violent rape threats, in their comments and messages.
Fighting back: Of late, many top women creators are taking harassment from trolls head-on, primarily because of how rampant it has become. They are also capitalising on it by using several trending formats, and their wit, to create content out of the hate they receive in the form of lewd messages and comments from users.
Large IT firms stare at vacant roles
Some large IT services providers are looking at hundreds of vacant positions across client projects as demand for talent spirals across the IT-BPM industry.
Infosys, India’s second-largest software services exporter by revenue, has a few hundred vacant positions for one of its key clients, while Cognizant is seeing a shortage of talent for some key clients.
Called it: ET reported last week that India’s IT-BPM industry is likely to face higher attrition rates this year due to growing demand for talent, as they seek to fulfil large outsourcing orders and multinationals shift more work to captive units. The technology services industry saw 12% attrition in 2020 amid the pandemic-induced slowdown. By the end of 2021 however, the IT-BPM sector is likely to see a 22% attrition rate.
Top Stories We Are Covering
PayPal launches crypto checkout service: PayPal Holdings Inc has started allowing US consumers to use their cryptocurrency holdings to pay at millions of its online merchants globally, a move that could significantly boost use of digital assets in everyday commerce.
Wipro ropes in former Walmart, PayPal executive Subha Tatavarti as CTO: The San Francisco, US-based IT industry veteran has joined Wipro from Walmart and before that worked with PayPal for more than 10 years. Tatavarti was senior director of technology commercialization at Walmart and last served as Head of product, data platform and infrastructure at PayPal.
Global Picks We Are Reading