Even if some worries about failed payments and revenue losses persist, the Reserve Bank of India will not extend a Friday deadline for companies to install an additional layer of protection for customer credit card information, according to bankers and merchants.
Smaller merchants have asked for a postponement of the compliance date. Still, the central bank has not indicated that there would likely be one, according to three banking and merchant sources who spoke to Reuters.
A comment request sent through email to the Reserve Bank of India (RBI) was not answered.
According to a banker at a sizable state-owned bank, “the general perception is that banks, card networks, and (bigger) merchants are better prepared. Therefore the pressure from the ecosystem side for an extension has also not been enormous, and we haven’t gotten any signal to recommend an extension either.”
It will come as a surprise if it does, he continued.
India started a massive initiative three years ago to safeguard card data by mandating firms to tokenize cards by September 30.
To strengthen data security, card details are replaced with a special code or token produced by an algorithm, enabling online purchases without disclosing card information.
The RBI originally enacted the regulations in 2019 and, following many extensions, has mandated that all Indian businesses delete any stored credit and debit card information by October 1, 2022.
Smaller businesses may run into difficulties, which might result in revenue losses for them in the short term, despite the fact that banks, card firms, and huge shops are prepared.
Additionally, merchant groups have contacted the central bank to request an extension of time.
After tokenization standards are implemented, several retailers and bankers worry that card-related transactions may temporarily decline.
“Payments appear to fall off as soon as an extra layer of friction is added. There are also worries that initially, we would have repeating drops at levels comparable to what we had observed, “said Rohit Kumar, founding partner of the public policy consulting company TQH Consulting.
According to merchants, recurring payments were failing by 10% to 15%, while the prior tokenization deadline was approaching.
Since card information won’t be held on the merchant servers, Rajaram Suresh of Boston Consulting Group noted that in addition to payments, other items that need to be stress tested include what happens when a product is returned and other post-transaction activities.
In contrast to India, where it is required, European stakeholders have been urged to tokenize cards for security reasons, Mr. Suresh continued.
Analysts contend that tokenization is essential at a time when digital payments are anticipated to exceed the $10 trillion level by 2026. According to data from the central bank, fraud involving card or online transactions has increased and accounted for 34.6% of all fraud instances in FY21.
According to Jagdish Kumar, senior vice president of Worldline India, “People are used to one-click checkout so that adoption may take more time, and some people may shift to cash but considering that this makes online transactions more secure, customers will adopt this faster without much chaos this time around.”