wordpress blog stats
Connect with us

Hi, what are you looking for?

Mastercard calls for relaxation of payment data storage norms

Mastercard has called for the Reserve Bank of India (RBI) to relax its guidelines on storage of payment system data, which comes into effect from October 15, 2018, a report by the Economic Times said. In particular, Mastercard is hoping that payment companies are allowed to transfer or store user data outside India in a bid to help prevent international fraud.

The Central bank, in April, has mandated all payments system operators working in India to ensure that data related to payment systems operated by them is stored in the country. “It is observed that at present only certain payment system operators and their outsourcing partners store the payment system data either partly or completely in the country,” the RBI said in a report during April’s Monetary Policy meeting. “In order to have unfettered access to all payment data for supervisory purposes, it has been decided that all payment system operators will ensure that data related to payment systems operated by them are stored only inside the country within a period of six months,” the report added. It is important to note that the RBI has allowed data of international transactions to be stored outside the country if need be.

While the directive is considered to be on par with data storage and oversight rules followed in other Asian countries like China, Japan, Malaysia, another report by ET said that it is a standard practice, globally, to have backup data centres in another location for disaster recovery and ensure business continuity in case of catastrophe.

Relaxing norms will help contain cross-border fraud

According to Mastercard division president (South Asia) Porush Singh, by having user data located only in India, measures to contain cross-border fraud will be diluted as the analytical software which identifies suspect transactions will not be able to match fraudulent incidents in one part of the world with transactions elsewhere.

“The point we are making is that storing in India versus storing only in India will enable measures to help contain cross-border fraud,” he said to ET. According to Singh, if the RBI directive stated that data should be stored in India rather than ‘only in India’, compliance would be easier by having servers mirror the transactions.

Advertisement. Scroll to continue reading.

Industry divided over RBI’s norms

Media reports earlier in the year also pointed out that multiple international payment service providers wrote to the RBI, asking the central bank to reconsider its guidelines. Furthermore, The Payments Council of India (PCI), which has around 100 payments firms as its members, has sought a meeting with the RBI to suggest “alternative solutions which can meet the RBI requirements of unfettered access”, according to a report by Money Control. According to the report, PCI has stressed that many online payments companies and members are not convinced by this decision. It says that while some of its members are fully in favour of storing data within the country, a bunch of them want some relaxations. There are also members who are completely not in favour of the same.

It is widely believed that Indian payment players like Paytm and PhonePe are in support of the central bank’s regulation, while foreign firms like MasterCard and Visa are against it as they store transactions data outside of India. Some media outlets went on to say that data is often stored on cloud networks and that some foreign firms were bound by laws of their home countries.

“What RBI is doing is heavyhandedness. A regulator should not bring about such fundamental changes without consultation with a cross section of affected parties,” said Subho Ray, president of Internet and Mobile Association of India (IAMAI) according to a report by ET.  American technology corporations such as Google and Facebook are members of the IAMAI.

On the other hand-

“The directive to process and store data only in India will help curb the potential misuse and enable active regulatory monitoring. It will definitely boost customers’ confidence in moving to digital payments without worrying about the security of their personal data,” said Kiran Vasireddy, the chief operating officer of Paytm.

Advertisement. Scroll to continue reading.
Written By

MediaNama’s mission is to help build a digital ecosystem which is open, fair, global and competitive.



While the market reality of popular crypto-assets like Bitcoin may undergo little change, the same can't be said for stablecoins.


Bringing transactions related to crypto-assets within the tax net could make matters less fuzzy.


Loopholes in FEMA and the decentralised nature of crypto-assets point to a need for effective regulations.


The need of the hour is for lawmakers to understand the systems that are amplifying harmful content.


For drone delivery to become a reality, a permissive regulatory regime is a prerequisite.

You May Also Like


Google has released a Google Travel Trends Report which states that branded budget hotel search queries grew 179% year over year (YOY) in India, in...


135 job openings in over 60 companies are listed at our free Digital and Mobile Job Board: If you’re looking for a job, or...


Rajesh Kumar* doesn’t have many enemies in life. But, Uber, for which he drives a cab everyday, is starting to look like one, he...


By Aroon Deep and Aditya Chunduru You’re reading it here first: Twitter has complied with government requests to censor 52 tweets that mostly criticised...

MediaNama is the premier source of information and analysis on Technology Policy in India. More about MediaNama, and contact information, here.

© 2008-2021 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ

Subscribe to our daily newsletter
Your email address:*
Please enter all required fields Click to hide
Correct invalid entries Click to hide

© 2008-2021 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ