RBI’s Decision: Credit Card Payments May Face Service Closure
The Reserve Bank of India (RBI) has issued a directive that could potentially lead to the closure of certain services related to credit card payments. This move has raised concerns among consumers and businesses alike.
In August 2022, RBI issued a circular prohibiting non-bank entities from storing payment data of customers. This includes card-on-file (CoF) data, which is the sensitive information stored by merchants to facilitate recurring payments on behalf of customers.
Impact on Services
The RBI’s directive affects services that rely on CoF data storage, such as:
Subscription-based services: Businesses that offer subscriptions, such as streaming services, online retailers, and gym memberships, may be unable to process recurring payments automatically.
Auto-pay services: Services that allow customers to set up automatic payments for bills, such as utilities, insurance, and rent, may be disrupted.
One-click payments: Merchants that offer one-click payment options for repeat purchases may no longer be able to do so.
Consequences for Consumers and Businesses
The closure of these services could have significant consequences for consumers and businesses:
Convenience: Consumers will lose the convenience of recurring payments and one-click purchases.
Security: The removal of CoF data storage may improve data security, but it could also lead to increased fraud risk as merchants will need to re-authenticate customers for each transaction.
Business revenue: Businesses that rely on subscription-based or auto-pay services may experience a loss of revenue.
RBI’s Rationale
RBI has stated that its decision is aimed at enhancing the security of payment systems and protecting customer data. The bank believes that storing CoF data by non-bank entities poses a potential risk to data breaches and fraud.
Alternative Solutions
Merchants and payment service providers are exploring alternative solutions to address the RBI’s directive. These include:
Tokenization: Tokenization involves replacing sensitive payment data with a unique token that can be used for transactions without exposing the underlying data.
Mandate-based payments: Merchants can obtain a mandate from customers to debit their accounts directly for recurring payments.
Dynamic linking: This involves creating a unique payment link for each transaction, eliminating the need for CoF data storage.
RBI’s decision to prohibit CoF data storage by non-bank entities has significant implications for credit card payments. While the directive aims to enhance security, it may also lead to the closure of certain services and inconvenience for consumers and businesses. Alternative solutions are being explored to mitigate the impact of the directive.
