PCI Proposes Mutually Agreeable Solution for Card Data Storage Issue

Reading Time: 2 minutes

Five months after RBI issued guidelines that banned storing card data on PA&PG servers, another one was released by the Payment Council of India (PCI) that the industry is working on the problem and is trying to find a mutually agreeable solution.

The RBI has been treading cautiously while dealing with the topic of data storage. It has also pitched the idea for data localization. It doesn’t want the PA&PG to store customer data from a security and risk perspective. The RBI will penalize any institution that doesn’t adhere to this directive. 

The entire payment and financial industry were divided by RBI’s rulings. The most fervent claim is this new policy will reduce the percentage of customers who prefer card payment methods.


What was RBI’s stance on card data storage?

The Federal Reserve Bank of India (RBI) guidelines on 31st March 2020 ban the storage of card data on their servers by the Payment Aggregator & Payment Gateway (PA&PG). According to these guidelines, PA&PG firms must stop storing their customers’ transaction data from 1st January 2022. It essentially means the customers will now be asked for their card data whenever they transact with any online merchants. 

Thus, customers will either need to always carry their card with them or memorize the 16-digit number. This drastic change spells bad news for the Fintech world and the payment ecosystem that relies on seamless and remarkable user interface and expertise. 


PCI Ensuring Security of User’s Card Data 

On the 25th of August 2021, the Payment Council of India (PCI) issued a necessary clarification. This piece of news gave card users enough reason to rejoice as most people have trouble remembering their credit or debit card numbers. Users no longer have to remember their 16-digit card number at the point of sale. 

PCI assured it would work alongside the regulator to identify a mutually acceptable path to simplify card data. There are two options available, fix the solution for securing card-related data and provide a seamless customer experience. 

Even though the statement issued by the PCI is nothing more than a small clarification, it is noteworthy to see both the industry and the RBI working in tandem for the sake of its customers and the Fintech industry. 

Communication seems to be the primary problem in most cases associated with Fintech or even innovation. 


The Growing Need for Securing Transactions via Electronic Cards  

An important point that’s highlighted by such instances is the need for Regtech. Regtech refers to the different regulatory frameworks that exist within the Fintech sector. The concept of regulatory technology is gathering steam in most developed countries across the globe. Now that India is galloping toward digital innovation and digital growth, the importance and need for regulatory support cannot be overlooked, considering the number of debit and credit card transactions daily. 

Even though the Supreme Court set aside RBI’s notification on cryptos, RBI didn’t immediately issue a clarification to the banks.  Till then, there was chaos and uncertainty for the customers as well as banks. This is where Regtech steps into the picture.     

Regulation, security, and safety measures while dealing with electronic card payments cannot be stressed enough. Head over to the comments section to share your thoughts and ideas about this update!  

Leave a Reply

Your email address will not be published. Required fields are marked *