Apple has put on hold its plans to launch a Unified Payments Interface (UPI)-based payments service in India, owing to concerns over the Reserve Bank of India’s directive on user data storage, as well as, technical and design challenges related to the UPI platform, reports the Economic Times.
The moves comes after Apple reportedly held talks with the National Payments Corporation of India (NPCI) and few leading banks, the report said. According to a senior banker that MediaNama spoke to, Apple has decided to ‘wait for a few more months’ given the fast approaching deadline of the RBI’s directive. The banker also said that the tech giant would prefer to launch a service after regulatory issues pertaining to data storage become clearer.
In April, the RBI mandated that all payments system operators working in India to ensure that the data related to operating payment systems be stored in the country within 6 months. The move would have come into effect from October 15 this year.
The Cupertino based company is also having trouble with the NPCI, as the payments regulator denied Apple permission to include fingerprint as a mode of authentication for payments, the report said. According to NCPI guidelines, a company has to first seek approval from Unique Identification Authority of India (UIDAI) to implement authentication using any kind of biometrics, the report added. MediaNama reached out to Apple for a comment on the matter, however, we haven’t received any response at the time of the publication. We will update the story when and if Apple responds.
Foreign firms fretting over data localisation
Apple is not the only company to have been fretting over RBI’s norms, as WhatsApp’s struggle to launch a payments service in India has also been well documented. However, the Facebook-owned company has several other issues halting its foray into the payments sector in India. Amazon’s plan to launch a UPI based payments service have also been hampered due to the central bank’s data storage norms. It was reported that the Indian government has asked Amazon to set up a server in India ‘on priority’ basis, to store data of its users within the country. Google, which recently revamped its Tez payment service (now called Google Pay), Visa, Mastercard, Paypal are amongst the other major companies which will be affected by the data localisation norms.
Implementing data localisation would come as a strong blow for foreign companies operating in the country because, to set up data centres in India from scratch would not only take a lot of time and cost, but regulations in their home countries may not permit them to do so. They also fear that the central bank’s move could also set a precedent for other countries to implement similar rules at a time when there is heightened scrutiny of how companies globally handle their customers’ data. Industry representatives cited that storing the data only in India would also be a security risk, as in the event of a natural disaster, no one would have access to it if it was all stored in one place.
Mastercard division president (South Asia) Porush Singh said that by having user data located only in India, measures to contain cross-border fraud will be diluted as the analytical software which identifies suspect transactions will not be able to match fraudulent incidents in one part of the world with transactions elsewhere.
Many of these companies have made multiple representations to the central government as well as the banking regulator through the US-India Business Council, a lobby group for US businesses in India. Furthermore, the Payments Council of India (PCI), which has around 100 members, has sought a meeting with the RBI to suggest “alternative solutions which can meet the RBI requirements of unfettered access,” according to a report.
However, some bankers held a different view, “Most of these (payment) companies thought that the RBI would back down and give in to their pressure. After that, they took the help of some interest groups and started lobbying to relax these norms. It would have been better if they had focused on creating data centres in all that while instead of this. At least then, the RBI could have seen their effort and extended the deadlines,” a senior banker told MediaNama. His views are echoed by domestic e-commerce/payment firms, most notably Paytm, which have been repeatedly pushing for local storage of payment system data, as mandated by the RBI. Consequently, payment firms in the industry have been split into two.
Mirroring of data
A possible solution to the problem was letting the international companies store data at their home base as well as in India. Most of these foreign payment companies took a sigh of relief when reports said that the country’s finance ministry has proposed to ease the Reserve Bank of India’s guidelines on storage of payment system data. “Mirroring of data in India along with the country where the data is being currently stored could be a possible solution,” the finance ministry said in a note sent to the central bank and other entities, according to ET. However, the central bank appears to have been unaffected by this, as it did not, either reply to payments companies or to the finance ministry’s alleged request.