Addressing concerns around data localisation, MasterCard CEO Ajay Banga said the challenge with localisation is not the expense, but that the data loses its predictive power once it is balkanised, compared to data that is shared across countries. Banga was addressing an investor query in the Q1 earnings call held two weeks ago. With localisation, Banga said, “you end up with data that loses its predictive power compared to the wealth of data that generates much higher predictive power when it’s combined across many more countries, many more types of transactions, and many more types of consumers.”
Installing servers in India not a big deal: “Putting a few more servers on spot in a country, even one as large and populated as India, is interesting but not really a big deal,” he said, explaining that data localisation in India has real policy ramifications, and that other countries that engaged with MasterCard realised that data localisation may not be to their benefit.
But more data means more predictive power: “If you talk to anybody in the space of AI, or machine learning, or good old-fashioned data analysts, you’ll find that they will tell you that the more the data, the more the variety of data, the more widespread and ubiquitous the data you get, the better the predictive power,” Banga said. The government has justified data localisation as needed for law enforcement to access data for national security concerns. However, according to Banga, countries balkanising data may say they are doing it for security reasons, but it isn’t completely clear if it actually gives them better security “on predicting for fraud and anti-money laundering and capabilities on that front than data which is more widely shared”.
Banga stated that MasterCard “will comply and we are compliant in India” but “it’s our job to try to educate them to what we think and it’s their job to decide what’s right for them”.
MasterCard has warned of safety and security weakening due to localisation
Banga’s comments come just as MasterCard revealed that it has started to delete transactions data of Indian consumers from its US servers and is saving the same in India, reports BusinessLine. It expects to complete the de-duplication exercise by the end of 2019; and by 2020 and early 2021, the company plans to create a global technology node in India after which data processing will also occur in the country. Ari Sarker, MasterCard’s co-president for APAC, reiterated that the company has been in discussions with the RBI and there is “complete commitment” to comply with the payments data localisation directive.
The current process of data de-duplication is being carried out in three phases because its “fairly complex as it is not about just putting a few servers here in India,” said Sarker. In phase one, data relating to tokenisation will only be available in India. India will be the first country outside of the US where all of MasterCard’s processing, authentication, tokenisation, and other core transaction services will have a presence (in the next two years).
MasterCard is among the foreign payment companies which called for relaxation of the RBI’s localisation directive. Although it eventually complied with it, it had warned in December that the global data deletion could mean the weakening of safety and security over a period of time. It’s worth noting that MasterCard will use $350 million of its $1 billion investment in India to set up a local payments processing centre to comply with the RBI’s data localisation directive. The processing centre is expected to open in the next 18 months, most likely in Pune, and will be Mastercard’s first outside the US.