Facing a backlash against proposed curbs on storage of debit and credit card data by digital platforms, the Reserve Bank of India has offered an alternative which reduces inconvenience to customers while ensuring safety of transactions.
The above enhancements are expected to reinforce the safety and security of card data while continuing the convenience in card transactions.RBI Release
The move will help payment aggregators and merchants offer digital payments without having to store card data.
In its circular, the RBI reiterated that no entity involved in a transaction, other than card issuers and/or card networks, can store any card data, with effect from Jan. 1, 2022. Any such data which is already stored must be purged by the other entities.
"For transaction tracking and/or reconciliation purposes, entities can store last four digits of actual card number and card issuer’s name, in compliance with the applicable standards," the RBI said, adding the responsibility on compliance of all entities with these guidelines rest with the card networks.
The RBI's initial diktat asking merchants to stop storing card information came in March 2020. The deadline for its implementation has been extended a number of times as industry was unprepared and questions were raised on the inconvenience it would bring to customers.
The regulator explained that its objective continues to be greater security of digital transactions. Any leakage of card-on-file data can have serious repercussions because many jurisdictions do not require additional factor authentication for card transactions. As such, stolen card data can be used to perpetrate frauds, it said.
The introduction of card-on-file tokenisation, while improving customer data security, will offer customers the same degree of convenience as now.RBI Release
The regulator also said contrary to concerns expressed in certain sections of the media, there would be no requirement to input card details for every transaction under the tokenisation arrangement.
RECOMMENDED FOR YOU
POPULAR