Don't launder India data abroad: RBI to payment system operators
Mumbai: All payment system operators in the country will henceforth be required to store data within India to ensure safety and security of users' information, the RBI said on Thursday.
The operators will be given six months' time to comply with the directive of the central bank.
In recent times, the payment ecosystem in India has expanded considerably with the emergence of new payment systems, players and platforms.
"Ensuring the safety and security of payment systems data by adoption of the best global standards and their continuous monitoring and surveillance is essential to reduce the risks from data breaches while maintaining a healthy pace of growth in digital payments," the RBI said in a statement on 'Developmental and Regulatory Policies'.
The RBI further said that at present "only certain" payment system operators and their outsourcing partners store the payment system data either partly or completely in the country.
"In order to have unfettered access to all payment data for supervisory purposes, it has been decided that all payment system operators will ensure that data related to payment systems operated by them are stored only inside the country within a period of 6 months," the central said.
The central bank will issue detailed instructions in this regard within one week.
The spotlight on data security comes at a time when social media giant Facebook has faced a global backlash over breach of user data.