Last month, RBI released guidelines asking all payment system operators to ensure that data is stored only within the country, and comply with the order by October 15, 2018.
Even as companies such as Paytm and PhonePe are supporting the RBI’s notification asking all payment system operators to ensure that data is stored only within the country, not all payments firms seem to be on the same page.
The Payments Council of India (PCI), which has around 100 payments firms as its members, has sought a meeting with the RBI to suggest “alternative solutions which can meet the RBI requirements of unfettered access”. There was no clarity on the names of these firms or the suggestions they want to share. Moneycontrol has a copy of the letter sent to the RBI.
Last month, RBI released guidelines asking all payment system operators to ensure that data is stored only within the country, and comply with the order by October 15, 2018.
In the letter, PCI has stressed that many online payments companies and members are not convinced by this decision. It says that while some of its members are fully in favour of storing data within the country, a bunch of them want some relaxations. There are also members who are completely not in favour of the same.
“Payments Council of India representing various diversified sectors in payments, we have got a divided response on the notification from our members. The responses received from members can be grouped into 3 classes being — fully in favour, partially in favour with certain relaxations and not in favour.
“We would therefore request you to kindly grant us an appointment for a meeting to put across the concerns of the impacted members and suggest some alternative solutions for achieving a common goal of ensuring trust and security for digital payment systems in India,” PCI wrote in the letter.
According to PCI, some of the members think that storage of data only in India will not be in the best interest of the payment ecosystem.
“This will give way to a lot of issues as payment systems nowadays are fully connected globally to achieve greater operational efficiency and safeguard transactions against frauds, systemic risks or a single point of failure,” PCI wrote.
“Patterns of fraudulent activity which are collected from all over the world and analysed in a centralised location help to improve fraud-prevention technology through big data analytics, which ultimately benefits Indian citizens,” it added.
Industry leader in the online payments space, Paytm is among those companies who have been very vocal about the importance of storing data within the boundaries of the country.
According to Paytm, India has enough technology and manpower resources to support this migration. It also says that when the data is processed and stored in multiple geographies there’s a lack of clarity as to which country’ data laws will be applicable to it.
Flipkart’s payments firm PhonePe too supports the RBI guidelines. The company believes that processing any data outside the country leaves behind an imprint of the same on the servers through which it is processed and hence defeats the purpose of data localisation.
“There should be no data replication outside the country as the geographical spread of India provides enough room for creating alternate infrastructure and ensure business continuity. Any player therefore interested in contributing towards the long-term growth of payments in India should also be willing to invest in building the infrastructure locally here,” said Hemant Gala, head of payments and banking relations, PhonePe.
“Even from the perspective of fraud and risk management, since all the data is emerging from the country global best practices can all be incorporated in local risk management tools. The amount of data that is generated in India now and in the future would be sufficient for companies to build a strong risk management framework,” he added.
Rishi Gupta, chief executive officer and managing director of Fino Payments Bank, told Moneycontrol that if the data is stored within the boundaries of a country, it becomes much easier to control it. He also added that when all the companies will start doing it, it will only lead to more investments in technology infrastructure.
