RBI postponed the implementation of new guidelines for Payment Gateways and Payment Aggregators by 6 months.

On 30 March 2021 RBI had declared new guidelines for payment gateways and online merchants to improve the safety and security of card transactions w.e.f July 1, 2021. RBI, with the new rules, aims to curtail the increase in hacks and data leaks influencing customers. However, it has extended the deadline for the implementation of new rules for payment platforms and online merchants that won’t allow them to store any details of customers. The new rules will now be implemented on 31 December 2021.

RBI postponed the implementation of new guidelines for Payment Gateways and Payment Aggregators by 6 months.

“Based on the representations received from the industry seeking additional time for implementing the above instructions, it has been decided, as a one-time measure, to extend the timeline for non-bank PAs (payment aggregators) by six months, till 31 December 2021, to enable the payment system providers and participants to put in place workable solutions, such as tokenization, within the framework set out," the central bank said in a circular issued on 31 March 2021.

According to the new principles around automatic recurring instalments, from July 2021 onwards, auto-debit payments for mobile and service bills of different membership-related services had to stop. Standing Instructions (SI) enrolled using Credit card or Debit cards for administrations, for instance, Netflix, Amazon Prime, Disney-Hotstar just as a large group of other online platforms like Billers and Insurance Suppliers, in addition to other things would have also shut down. 

Additional Factor Authentication (AFA) for recurring payments through payment cards would have started from April onwards. As a result, payments via banks credit and debit card networks, various digital payments valets will fail to comply with the Reserve Bank of India (RBI).

As per the new guidelines, the banks would have been required to send a notification to the customer, 5 days prior to any recurring payment is condemned and permit the debit to go through only after confirmation by the customer. One Time Password would be required to send for auto-debit payments of INR 5,000 to the customer. Hence the automatic transaction won’t happen anymore, authentication from the customer will become compulsory.

Many leading banks claimed that they are not prepared with the backend aid required to implement AFA. Earlier, the customers who were making monthly payments based on e-mandates on their credit or debit cards would have to hop on web platforms of every single service solely and make the respective payments.

“All the ecosystem players, be it banks and payment gateways, are guilty of not taking RBI directive seriously from 2019 and not being able to come on a single platform, which we should have done at least a couple of months back, so that there could have been a smooth transition to the new way of doing recurring transactions,” Payments Council of India (PCI), Chairman, Vishwas Patel, said.

So, the Reserve Bank of India (RBI) was requested to think of giving at least a one-month extension so that players meet RBI directives, Patel, Executive Director, Infibeam Avenues, said. 

One of the communications made by Axis Bank for its customers about the development, said, “By regulatory requirements, processing of e=mandates for the recurring transaction, which has been registered on your credit or debit card without Additional Factor Authentication (AFA), will continue w.e.f April 1, 2021. You may make payments directly through your card at the merchant website or application.”.

If the rules were implied, the standing instructions (SI) registered from bank accounts for recurring payments, for instance, house rent, mutual fund, SIPs would have prevailed. 

Many Consumer Internet Companies like Amazon, Flipkart, Netflix, Microsoft and Zomato wrote to the central bank expressing the sudden impact on experience if the rules are not exempted. Consumers are used to storing card data on platforms, apps, websites, etc because they are not required to fill in the details every time they visit those platforms. 

Nevertheless, this process will change as the customer would have to fill in all details for every transaction, as the companies have to design e-payment guidelines by 31st December 2021.