FC-GPR Compliance for Non-Resident...
Foreign Investment in India is allowed for Wholly Owned Subsidiaries, Joint Ventures, and entit...
All of us must have experienced the ease and flexibility of online shopping in India. Moreover, the bill payments, mobile recharge, DTH recharge etc, are taking the route of the electronic way. So you have selected your services or goods to be purchased on a website, everything you selected has been added to your cart, now is the time for payment. This is the moment you are getting directed to the “Payment Gateway” of the site and for payment gateway site must be payment gateway license.
Payment Gateways are intermediate between the banks and the websites facilitating the communication of Transaction information. They conceive information from the payer bank and takes the information to the receiving banks and note their feedback, i.e whether the transaction is approved or declined.
The security of the funds transacted is an integral component of the payment gateways. The sensitive information such as Debit/Credit Card Numbers, internet banking ids, and passwords, etc. need to be protected from any fraud and misrepresentations. It is for this reason that the card associations have created various rules and regulations governing security standards to be followed by anyone getting access to card information such as payment gateways. These rules and standards are called the Payment Card Industry Data Security Standard (PCI-DSS or PCI).
On 17th March 2020, the RBI has laid down some stringent guidelines for regulating payment aggregators and payment gateways vide Circular RBI/DPSS/2019-20/174-DPSS.CO.PD.No.1810/02.14.008/2019-20. The payment aggregators existing as on the date of this circular shall achieve a net-worth of Rs. 15 crores by March 31, 2021, and a net-worth of Rs. 25 crores by March 31, 2023. Moreover, new PAs shall have a minimum net-worth of Rs. 15 crores at the time of application for authorisation and shall attain a net worth of Rs. 25 crores by the end of the third financial year of grant of authorisation. The payment aggregators and gateways have been put under the direct supervision of RBI.
First of all, the browser, which the customer uses for the transaction, encrypts the data to be sent to the vendors’ server. The transaction data is then sent to the payment processor by the payment gateway.
Then, the payment processor sends the data to the card association. The Bank issuing the credit card views the transaction at this point and accordingly agrees or denies.
The authorization pertaining to the merchant and the customer is forwarded to the processor to the Payment Gateway. Once the response is received, it is transmitted to the website to process the payment. The information is interpreted and the payment is generated. All these take only a few seconds of time.
Read More: Process of Online Payment Gateway in India.
They even calculate the amounts of tax in order to authorize request transmitted to the processor.
It is a contract between the business and the payment service provider. Every party involved in the online transactions are guided by the rules and responsibilities stated under this agreement in relation to payment acceptance, authorization, processing, and settlement.
The major providers of electronic transactions, such as Visa and MasterCard, assure secure electronic transactions. SET allows merchants to verify their customers’ payment information without actually seeing it, thus protecting the customer. The information on the card is directly transferred to the company issuing a card for verification.
The first step to be followed for starting a payment gateway business in India is to register your business in India. The business can take the form of sole-proprietorship, partnership or the company. The business of payment gateways is best suited if formed as a private limited company in India. and RBI may impose a reasonable restriction for Financial protection in the Indian financial eco-system.
Secondly, since Service is the main area of operation of the Payment Gateways, therefore, the registration under service tax is mandatory. For this, the business has to acquire the Service Tax Registration Number.
The most important part associated with the payment gateway business in India is the PCI DSS Compliance.
The full form of (PCI DSS) is The Payment Card Industry Data Security Standard. It was launched on September 7, 2006, and contains a widely accepted set of rules and regulations intended to optimize the security of credit, debit, and cash card transactions and protect cardholders against any fraud. The basic purpose of their launch was to manage the ongoing evolution of the Payment Card Industry (PCI) security standards with the focus to improve payment account security throughout in processing the transactions. Payment Gateway license is most difficult and there is certain software-related compliance involved apart from regulatory compliance.
There are two types of payment gateway providers in the Indian market, which enables the businesses to accept payment from national and international customers in Indian National Rupees (INR) with the support of Credit/Debit Card and Net-banking methods. These types are as follow: Payment gateway license can be applied before RBI
Like HDFC, ICICI, and Axis having low Transaction Discount Rate (TDR). It means their transaction fee is low but their setup costs are very high starting from Rs 30,000. For a small business or a start-up, there is no point in going for this category of providers since it would be very expensive initially.
Like EBS, CCAvenue, Payzippy, PayU, Direct Pay – charging setup and annual fee, some even don’t change that. Most of them charge around 2% to 4% Transaction Discount Rate (TDR) + service tax. This rate can be negotiated to some extent by convincing the providers about the future business goals of the concern.
On the whole, setting up the Indian payment gateways is very time consuming, involves lots of paperwork and bureaucratic intervention. The payment gateways have tie-ups with various banks like HDFC, Citibank, etc. If a bank refuses, then the payment gateway coordinates with some other partner bank for the registration of merchant agents. The payment gateways also determine the risk-taking the ability of the merchants.
For more information click here or send us an email at firstname.lastname@example.org.
Recommended Article: Legal Framework in India for Payment Gateway.