Despite opposition from multinational financial services players including those from the United States, the Reserve Bank of India has reiterated that the entire payment data shall be stored in systems located only in India.
The data should include end-to-end transaction details and information pertaining to payment or settlement transactions that is gathered as part of payment instructions.
“There is no bar on processing of payment transactions outside India if so desired by the Payment System Operators (PSOs). However, the data shall be stored only in India after the processing. The complete end-to-end transaction details should be part of the data,” the RBI said in an FAQ document released on Wednesday.
The data may be shared with the overseas regulator, if so required, with due approval of RBI.
Data to be stored include — customer data (name, mobile number, email, Aadhaar number, PAN number, etc as applicable); payment sensitive data (customer and beneficiary account details); payment credentials (OTP, PIN, passwords, etc); and transaction data (originating and destination system information, transaction reference, timestamp, amount, etc).
Clarifying on its April 2018 circular, the central bank also said: “In case the processing is done abroad, the data should be deleted from the systems abroad and brought back to India not later than one business day or 24 hours from payment processing, whichever is earlier. The same should be stored only in India.”
Comments
Comments have to be in English, and in full sentences. They cannot be abusive or personal. Please abide by our community guidelines for posting your comments.
We have migrated to a new commenting platform. If you are already a registered user of TheHindu Businessline and logged in, you may continue to engage with our articles. If you do not have an account please register and login to post comments. Users can access their older comments by logging into their accounts on Vuukle.