New guidelines issued by the Reserve Bank of India (RBI) banning the storage of customer card numbers by online merchants and payment aggregators was scheduled to come into effect on January 1, but has now been extended by six months.
Back in March 2020, RBI issued guidelines that restricted merchants from saving customers' card details in order to boost security. RBI had ordered all companies in India to purge saved credit and debit card data. The central bank gave timeline to introduce a token consent system where the token of consent is presented to the e-commerce/online merchant and not the actual card details to maintain security.
The mandate and the quick adoption faced strong opposition from the e-industry that presented it's 'un-readiness' for the move. Many argued that this would push customers back into the cash economy as the process for token consent would not be effectively implemented in the given time. So now the central bank has given banks and related parties upto June 30 to get their act together.
Starting July 1, 2022, customers will not be able to save their debit or credit card details on any e-commerce platform and to make transactions one can either memorise the 16 digits on the card or use the token system which is still not in place.