RBI declares localisation of Payment Data Storage
The Reserve Bank of India (RBI) on Wednesday declared that all data related to payments must be stored in India and all data related to transactions processed abroad will have to be brought back to the country within 24 hours. Data stored in India should include end-to-end transaction details and info about payment transactions.
RBI stated “For cross border transaction data, consisting of a foreign component and a domestic component, a copy of the domestic component may also be stored abroad, if required”.
The data storage norms will be applicable to all banks operating in India as they are participants in the payments system such as RTGS, NEFT, NPCI and card schemes. There will be some exceptions though. Some banks, especially foreign, that had been permitted to store the banking data abroad may continue to do so. However, in respect of domestic payment transactions, the data shall be stored only in India.
The data stored domestically must include end-to-end transaction details and information related to payment or settlement transaction collected or processed as part of a payment. “This may, inter alia, include—customer data (name, mobile number, email, Aadhaar number, PAN number, etc), payment sensitive data (customer and beneficiary account details) payment credentials (OTP, PIN, passwords, etc.); and, transaction data (originating and destination system information, transaction reference, timestamp, amount, etc.),” it said.
These regulations were expected to affect companies like Mastercard, American Express, Amazon, Facebook, Microsoft, Visa and PayPal who will be forced to store data locally. Here’s the full list of frequently asked questions on the matter that the RBI published.
In lieu of securing Indian customer data from hackers and cyber criminals, RBI has brought in such a policy.
Logix is a leading Information Technology company with commanding expertise & proven track record in providing Messaging & Collaboration, Email Security & Cybersecurity solutions to over 2100 business enterprises ranging from SMB , PSU, BFSI , Govt & Large Enterprise Customer.
Our Logix cloud setup is hosted in three Tier 3 IDC setups in Mumbai, Pune & Bangalore on state of art Cloud infrastructure built on Hyper Converge Technologies, making sure your data lies in India & is secure. Maintaining the confidentiality of our customer’s data is our utmost priority, we adhere to strict SOC 2 Type II guidelines & are a SOC 2 Type II compliant organization
