Advisory Services
Audit
Consulting
ESG Advisory
RBI Registration
SEBI Registration
IRDA Registration
FEMA Advisory
Compliances
IBC Services
VCFO Services
Growing
Developing
ME-1
ME-2
EU-1
EU-2
SE
Others
Select Your Location
The Reserve Bank of India recently extended the deadline for the implementation of new rules for payment gateways and for online merchants. RBI stated that it received several representations from the industry seeking additional time for implementing the new rules. Therefore it decided to extend the timeline for non-bank payment aggregators by six months- till 31st December 2021. In this article, we shall have an overview of the RBI notification in this regard and also look at the rules issued by RBI.
Table of Contents
On March 17, 2020, the Reserve Bank had issued certain guidelines for payment gateways and payment aggregators that barred them from storing customer data and such data on their servers. The guidelines further barred payment aggregators from storing card credentials of customers on their databases or on servers that were accessed by merchants.
However, RBI released another notification on March 31st, 2021, stating that it received several representations seeking additional time for implementing these instructions as most banks were not ready to implement the new rules. The new rules were set to commence from 1st July 2021. Therefore the Reserve Bank, as a one-time measure, decided to extend the timeline for non-bank payment aggregators by six months for its implementation. This has been extended with a view to provide the payment system providers and participants to put in place workable solutions such as tokenization.
This aims to improve the safety and security of the payment system. Tokenization[1] means replacement of actual card details with a unique alternate code called as token. It will be unique for a combination card, token requestor, and identified device.
Instead of using the details of the actual card, this token is used to do card transactions in a contactless mode at point of sale terminals and for quick response code payments.
With the implementation of the new rules, it would mean the next time you transact online, you would be required to go through the complete process of selecting the card type, entering the name as on the card, and entering the card number before you enter your CVV number and OTP to complete a transaction.
Now this means the ease with you used to sail through the transaction process is no more available. This would mean carrying your card physically or memorizing the card credentials to be able to transact at anytime by keying in all necessary details.
Here we need to note the intent and the objective behind this move. The objective of RBI is to strengthen customer safety and security of the transaction due to an increase in fraud cases and hacking. Here the convenience of online payment may become a casualty. Consumers would be required to carry cards which runs the risk of offline theft. The ease of payments caused many to get onboard to the internet bandwagon to order their necessities, especially during lockdown.
However, with the new rules, the convenience is somewhat reduced. Through a few clicks, they have helped in undertaking multiple activities that would not have been possible without stepping out. With the implementation of new guidelines, businesses that completely rely on online payments are left scratching their head as the switch would bring down transaction efficiency and convenience.
Industry experts also believe that not allowing merchants to store data will not just inconvenience customers but can also disrupt the digital payments ecosystem and cause system fragility issues. Customer internet companies like Flipkart, Amazon, Netflix, Zomato, and Microsoft reached out to the central bank expressing concerns surrounding the impact on customer payment experience if they are not exempted from this new rule.
They had further asked for an extension, but the Reserve bank at that point rejected the merchants demand to defer the rule. Experts stated that in case the new rules are enforced in their current form, customers would experience increased friction in subscription based services which requires companies to store data so that they are able to bill consumers on a recurring basis.
From next year onwards, merchants would ask customers for their card information in every billing cycle which can cause inconvenience to customers and disrupting businesses.
It is worth noting here that customer safety can’t be compromised with, but the rules and regulations should be drafted in a way that doesn’t discard the ease of operations. Here the path to follow should be to introduce robust data security measures and employ mechanisms to keep customers’ data safe.
Now that the Reserve bank has postponed the implementation of new rules for non-bank payment aggregators, which was to kickoff from 1st July 2021, it would provide some sort of relief for top merchants from the inevitable. Now the implementation of the new rules would be made in 2022.
Read our article:Guidelines mandated by RBI on Regulation of Payment Aggregators
Ashish M. Shaji has done his graduation in law (BA. LLB) from CCS University. He has keen interests in doing extensive research and writing on legal subjects especially on corporate law. He is a creative thinker and has a great interest in exploring legal subjects.
The Financial Action Task Force, i.e. FATF (the Force), is the global money laundering and terr...
Advance tax refers to the payment of the tax liability before the end of the relevant financia...
On 11.12.15, the Hon’ble Delhi High Court (HC) pronounced a landmark judgement in the case ti...
Money laundering can be defined as the process of illegal concealment of the origin of money ob...
Every assessee in India is obligated to file an income tax return and make the timely payment o...
In the recent past, India has seen burgeoning demand for internet and smartphones. The rapid ri...
The Securities and Exchange Board of India (SEBI), the capital markets regulator, has recommend...
The objective of the enactment of the Prevention of Money-laundering Act, 2002, i.e. PMLA (the...
Tax planning is a continuing effort and a management strategy for ensuring the minimization of...
On 18th May 2023, the Securities Exchange Board of India (SEBI) released a Consultation Paper o...
Are you human?: 2 + 8 =
Easy Payment Options Available No Spam. No Sharing. 100% Confidentiality
The RBI governor Shaktikanta Das announced that the central bank has proposed to increase the limit of contactless...
04 Jan, 2021
Recently the Reserve Bank of India announced the operationalisation of the Payments Infrastructure Development Fund...
08 Jan, 2021
Red Herring Top 100 Asia enlists outstanding entrepreneurs and promising companies. It selects the award winners from approximately 2000 privately financed companies each year in the Asia. Since 1996, Red Herring has kept tabs on these up-and-comers. Red Herring editors were among the first to recognize that companies such as Google, Facebook, Kakao, Alibaba, Twitter, Rakuten, Salesforce.com, Xiaomi and YouTube would change the way we live and work.
Researchers have found out that organization using new technologies in their accounting and tax have better productivity as compared to those using the traditional methods. Complying with the recent technological trends in the accounting industry, Enterslice was formed to focus on the emerging start up companies and bring innovation in their traditional Chartered Accountants & Legal profession services, disrupt traditional Chartered Accountants practice mechanism & Lawyers.
Stay updated with all the latest legal updates. Just enter your email address and subscribe for free!
Chat on Whatsapp
Hey I'm Suman. Let's Talk!