The Reserve Bank of India (RBI) is set in its ways about its revised guidelines on the data storage policy. The RBI has rejected the proposal made by payment gateway companies with regard to the new regulation that might kick in from January of 2022.
The revised regulations prevent payment aggregators and merchants like Amazon, Flipkart and Netflix from storing the information of a customer’s card on their servers or databases. The bank acts as an important liaison between the customer and the aggregators. The new change also means that customers with debit cards or credit cards will need to punch in their 16-digit card number every time they proceed to make a transaction.
This will definitely slow down the convenience of it all, but the aim of this change was to secure the card information and make sure that payment operators are not storing the data on the system.
Why you Should Memorise those 16 digits on your Credit/Debit Card
If the changes take place from January 2022 as is expected, then customers will need to input their 16-digit card number, along with the expiry date and the CVC for each and every transaction. This will apply whether you are doing it on a merchant website or e-commerce platform. This will be especially cumbersome to the customers who have more than one card or have multiple running subscriptions, but at the end of the day, the point is safety and data security. That being said, it would serve you well to memorise those 16 numbers to smooth out the process as much as possible.
The entirety of the e-commerce payment model works on data that is stored; these companies use this data to market new items to customer demographics based on the information they have. This disallowance of data storage will make it harder for them to target their customers with specific deals or offers. Tokenisation is one possible solution that these players might implement but that would mean hiding the card details with codes.
Turning to UPI
With more security lengthening the process of checkout or transaction, UPI might become the more favoured method of payment. In recent years UPI payment methods have become very popular for their quick and easy payment systems. Customers with debit cards might find it much easier to use UPI for paying on merchant platforms.
As the new rules have not come into full effect yet, merchant sites and payment gateways allow cardholders to store their data on their databases with only a thin layer of security to verify. Usually, this is done with the CVV (card verification value) and a one-time password (OTP). The RBI rejected this and the demand for a repeal in the new guidelines. The apex bank wanted to bring in the new guidelines in July itself but had to postpone it by six months due to banks not being ready for it yet. The RBI has gone the extra mile to ensure high levels of customer security as the new rule will prevent payment aggregators from storing customer card details on their platforms that are accessed by merchants.
Once the new guidelines come into effect, even authorised card operators will not be able to access data for smooth processing of chargebacks, grievances, and resolving issues. Even though the quick and easy process is somewhat hindered, it ensures the security of the data, which is ultimately the ideal standard of operations.