gujarat banner
Homepersonal finance News

RBI not dropping card data storage proposal; users have to feed details for every purchase: Report

RBI not dropping card data storage proposal; users have to feed details for every purchase: Report

RBI not dropping card data storage proposal; users have to feed details for every purchase: Report
Profile image

By CNBCTV18.com Aug 20, 2021 6:08:23 PM IST (Published)

The regulation, effective from January 2022, states that all debit and credit card holders in India are required to enter their 16-digit card numbers every time they make an online transaction and payment operators are not allowed to store such data.

The Reserve Bank of India (RBI) has rejected a proposal made by payment gateway companies with regard to a new regulation that may kick in from January 2022. The regulation states that all debit and credit card holders in India are required to enter their 16-digit card numbers every time they make an online transaction and payment operators are not allowed to store such data.

Recommended Articles

View All

Currently, merchant sites and payment gateway companies allow millions of card holders to store their details asking them to only authenticate transactions with CVV (card verification value) and a one-time password (OTP).
Sources have told the Economic Times that the RBI has rejected the demand. The RBI had wanted to implement this rule in July 2021, but the implementation had to be postponed by six months after banks said they were not ready.
The RBI had introduced guidelines in March 2020 for payment gateways and payment aggregators barring merchants from storing “customer card and related data” on their servers. The central bank had also prevented payment aggregators from storing customer card credentials on their databases or on servers that are accessed by merchants.
If the new rules, effective January 2022, are enforced, even authorised card operators will not be able to access data for smooth processing of chargebacks, grievances, and resolving issues.
The guidelines are aimed at customer safety as the current system, though smooth, is prone to hacks, breaches, and cyber risks. This is because customer card details are being stored in authorised merchant servers that are not under the purview of the RBI.
The Payments Council of India (PCI), which is opposing this move, has recommended alternative solutions stating that customers would find it problematic to manually key in the details every time they make a transaction and it would be even more cumbersome if it is a recurring monthly payment.
Companies such as Amazon, Microsoft, Netflix, Flipkart and Zomato, who store customers' credit card data, will be the most affected.
Check out our in-depth Market Coverage, Business News & get real-time Stock Market Updates on CNBC-TV18. Also, Watch our channels CNBC-TV18, CNBC Awaaz and CNBC Bajar Live on-the-go!