Mastercard banned from taking on new customers in India after flouting data rules

The country’s reserve bank found that the payment provider did not comply with a data policy established in 2018

The Reserve Bank of India (RBI) has banned Mastercard from taking on new customers from 22 July following a dispute over the company's failure to abide by data storage policies.

In April 2018, the RBI released a Storage of Payment System Data notice which stipulated that payment system providers should store payment data in India to ensure “better monitoring”. This includes the full end-to-end transaction details and information collected or carried as part of the message or payment instruction.

However, for the “foreign leg” of the transaction, the data can also be stored in the foreign country if required.

Payment system providers were given six months to implement this change, which should have been completed by 15 October 2018, and report compliance to the RBI, as well as submitting an audit report to the bank by December. Mastercard is said to be still in breach of these terms, according to the RBI.

“Notwithstanding lapse of considerable time and adequate opportunities being given, [Mastercard] has been found to be non-compliant with the directions on Storage of Payment System Data,” said Yogesh Dayal, chief general manager at the RBI.

Related Resource

Aberdeen Report: How a platform approach to security monitoring initiatives adds value

Integration, orchestration, analytics, automation, and the need for speed

White text against a pink-red background - whitepaper from IBMFree download

The RBI has now placed a freeze on the onboarding of new Mastercard customers across the country, and Mastercard must advise all card-issuing banks and non-banks to conform to these directions.

A spokesperson from Mastercard said it is "fully committed" to its legal and regulatory obligations in the markets it operates in.

"Since the issuance of the 2018 directive requiring on-soil storage of domestic payment transaction data, we have worked closely with the RBI to ensure that we comply with the requirements," said the spokesperson. "While we are disappointed with the stance taken by the RBI today (July 14), we will continue to work with them and provide any additional details needed to resolve their concerns."

The 2018 policy change emerged following a recognition that the payment ecosystem in India had expanded “considerably” with the emergence of new payment systems, players, and platforms.

“Ensuring the safety and security of payment systems data by adoption of the best global standards and their continuous monitoring and surveillance is essential to reduce the risks from data breaches while maintaining a healthy pace of growth in digital payments,” the bank stated.

In order to have “unfettered access” to all payment data for “supervisory purposes”, the RBI decided that all payment system operators had to ensure that data related to payment systems operated by them should be stored only inside the country.

Featured Resources

The ultimate law enforcement agency guide to going mobile

Best practices for implementing a mobile device program

Free download

The business value of Red Hat OpenShift

Platform cost savings, ROI, and the challenges and opportunities of Red Hat OpenShift

Free download

Managing security and risk across the IT supply chain: A practical approach

Best practices for IT supply chain security

Free download

Digital remote monitoring and dispatch services’ impact on edge computing and data centres

Seven trends redefining remote monitoring and field service dispatch service requirements

Free download

Recommended

NSW government to set up $4 million semiconductor bureau
Policy & legislation

NSW government to set up $4 million semiconductor bureau

20 Oct 2021
Microsoft launches AI startup acceleration programme in India
Careers & training

Microsoft launches AI startup acceleration programme in India

20 Oct 2021
Alibaba unveils custom Arm-based server chip
components

Alibaba unveils custom Arm-based server chip

19 Oct 2021
Japan to launch £637 million tech fund for AI and 5G
Policy & legislation

Japan to launch £637 million tech fund for AI and 5G

18 Oct 2021

Most Popular

Best Linux distros 2021
operating systems

Best Linux distros 2021

11 Oct 2021
Apple MacBook Pro 15in vs Dell XPS 15: Clash of the titans
Laptops

Apple MacBook Pro 15in vs Dell XPS 15: Clash of the titans

11 Oct 2021
Windows 11 has problems with Oracle VirtualBox
Microsoft Windows

Windows 11 has problems with Oracle VirtualBox

5 Oct 2021