MasterCard has told the Reserve Bank of India that it will start deleting the data of Indian cardholders from its global servers, reports PTI. It said that as of October 6,  all new transactions are being stored at its technology centre in Pune. It did not mention when the deletion of data will begin.

MasterCard has warned that the global data deletion could mean the weakening of safety and security over a period of time. MediaNama has reached out to MasterCard for a comment and will update when we hear from them.

The move comes after RBI’s new regulations which require payment companies to store information about transactions by Indian users on servers within the country. The RBI issued the regulation in April 2018, which came into effect on October 16, 2018.

Informing about the move, Porush Singh, India and Division President, South Asia, MasterCard told PTI: 

  • MasterCard is operating in over 200 countries, none of which have asked it to delete data from global servers
  • All the data, including card number and transaction details, would be deleted from everywhere else (except India)
  • The data will be stored in India only
  • MasterCard has submitted the timeline to RBI by which its can comply with the RBI’s regulations
  • The date of data deletion from global servers is not yet decided. MasterCard is awaiting a confirmation from RBI.
  • MasterCard has proposed a date on which it will start deleting the data on a regular basis.
  • Deletion of data is not a simple process. People can dispute the transaction. It also needs multiple players and stakeholders.

RBI’s regulation and compliance by payments companies

RBI in its April 6 circular said:

“All system providers shall ensure that the entire data relating to payment systems operated by them are stored in a system only in India. This data should include the full end-to-end transaction details/information collected/carried/processed as part of the message/payment instruction.”

  • RBI gave global payments companies six months to abide and submit their compliance report by October 15.
  • October 9, WhatsApp also confirmed its compliance with RBI regulations. It said it has built a system that stores the data of its pilot WhatsApp payments project locally.
  • On October 24, Alfred Kelly, CEO, Visa said that as of October 15, Visa is storing data locally.
  • October 30th, Amazon India said that it has started storing payments data locally without mirroring it in its overseas servers.

Read our coverage of card payments here.