Del. HC: Rs. 1 Lakh Cost Imposed on Person Who Made Lord Hanuman Party in Property Dispute  ||  Ker. HC: Termination of 27 Weeks Pregnancy Citing Foetal Abnormalities Permitted  ||  SC: Inclined to Hold That Accused in One Case Shouldn’t be Denied Anticipatory Bail in Another Case  ||  Bom. HC: Bank Regis. with CERSAI has Priority Over DCST Against Proceeds of Enforce. under SARFAESI  ||  Bom. HC: Govt’s Amendment Exempting Private Schools from RTE Quota If Govt-Run School Nearby, Stayed  ||  Del. HC: Apart from ‘Good and Bad Touch’ Children Need to be Taught About ‘Virtual Touch’  ||  SC: Minimum 1/3rd Women's Reservation in SCBA Posts is on Experimental Basis  ||  SC: Can Apply Doctrine of ‘Lis Pendens’ Even if Section 52 of TPA Inapplicable in a State  ||  SC: Can Apply Doctrine of ‘Lis Pendens’ Even if Section 52 of TPA Inapplicable in a State  ||  Del HC: Accused’s Mobile Having Photos of Osama Bin Laden Not Enough to Label Him as ISIS Member    

Restriction on storage of actual card data- (Reserve Bank of India) (23 Dec 2021)

MANU/RMIC/0161/2021

Banking

1. In terms of our circular DPSS.CO.PD.No.1810/02.14.008/2019-20 dated March 17, 2020 on "Guidelines on Regulation of Payment Aggregators and Payment Gateways", the authorised non-bank payment aggregators and merchants on-boarded by them were prohibited from storing card data (CoF) from June 30, 2021. At the request of industry stakeholders, this timeline was extended to December 31, 2021 vide circular CO.DPSS.POLC.No.S33/02-14-008/2020-2021 dated March 31, 2021. Further, regulations on CoF Tokenisation (CoFT) were issued vide circular CO.DPSS.POLC.No.S-516/02-14-003/2021-22 dated September 07, 2021 on "Tokenisation - Card Transactions: Permitting Card-on-File Tokenisation (CoFT) Services".

2. In light of various representations received in this regard, we advise as under:

a. the timeline for storing of CoF data is extended by six months, i.e., till June 30, 2022; post this, such data shall be purged; and

b. in addition to tokenisation, industry stakeholders may devise alternate mechanism(s) to handle any use case (including recurring e-mandates, EMI option, etc.) or post-transaction activity (including chargeback handling, dispute resolution, reward / loyalty programme, etc.) that currently involves / requires storage of CoF data by entities other than card issuers and card networks.

3. This directive is issued under Section 10 (2) read with Section 18 of Payment and Settlement Systems Act, 2007 (Act 51 of 2007).

Tags : RESTRICTION   STORAGE   CARD DATA  

Share :        

Disclaimer | Copyright 2024 - All Rights Reserved