Mumbai: E-commerce companies and other companies that receive online payments will now have six more months before they have to delete credit card data from their system.
Reserve Bank of India on Thursday said that it was extended with a six-month time limit for non-bank payment aggregators and traders to clean the card data they had saved.
The central bank also allows the payment industry to design new methods to handle recurring payments and equalize monthly installment payments (EMI) without storing cards.
As of March 31, 2021, RBI has asked all non-bank payment system participants and traders to clean card data from their system on December 31, 2021.
Online clowns, including e-commerce companies, ticket services and other providers, have saved credit.
Card data on their customer’s account so that customers don’t have to enter card data every time payment.
The RBI does not want the entity not to arrange to store card information because some traders save millions of card information and violations can produce card information exposed.
According to central banking sources, the number of malware attacks on business companies is increasing.
To ensure that card data is not risky and at the same time ensure that customers do not feel uncomfortable, the RBI has come out with the tokenisekation guidelines.
Here customers authorize banks or payment networks (Visa, MasterCard, Rupay) to issue tokens to traders, which are in accordance with their account.
Traders then use tokens on site cards to receive payments and process money refunds.
If the merchant server is violated and the token data is stolen, it cannot be used by hackers.
“We would like to thank RBI because it gave this industry a much-needed time to increase its efforts and work to achieve the true intention of this guideline.
PCI will work with industry and RBI to produce solutions to handle every case of use such as refunds and post activities – Transaction, including handling bills, dispute resolution, gift / loyalty programs that currently need card data storage by entities other than card issuers and card networks, “said Vishwas Patel, Director of Infibeam Avenue and Chair of the Indian payment council.
“As an industry, we are strongly committed to achieving the RBI’s vision to improve customer protection against customer card credentials and all began that trip,” said Srinavasu MN, founder, Billdesk and Co-Curities from the BBPS committee in PCI.
He said the industry would use the next six months to implement a uniform solution that is suitable for limitless migration for cardholders and ensuring adequate security for storage.