India’s Reserve Bank yesterday barred credit card giant Mastercard from signing up any new customers in the nation.
A notice from the bank said Mastercard “has been found to be non-compliant with the directions on Storage of Payment System Data”.
Those directions were issued in April 2018, and gave banks and payment systems a deadline of October 15, 2018, to “ensure that the entire data relating to payment systems operated by them are stored in a system only in India”.
The directive required full end-to-end transaction details and all “information collected/carried/processed as part of the message/payment instruction” to be stored in India. Portions of data describing the offshore parts of cross-border transactions were allowed to be stored outside India.
- Jailed for seven years: Cyber-crook who broke into Big Biz to steal bank card info for FIN7 super-gang
- Xiaomi and NXP ride a bus to Moscow with a wearable Mastercard
- From Libra to leave-ya: eBay, Visa, Stripe, PayPal, others flee Facebook's crypto-coin
- NASSCOM shakeup: Accenture's Rehka Menon becomes first woman to chair Indian IT trade org
The Reserve Bank had a bit of a crack at Mastercard in its notice:
Notwithstanding lapse of considerable time and adequate opportunities being given, the entity has been found to be non-compliant with the directions on Storage of Payment System Data.
Mastercard told The Register it is "fully committed to our legal and regulatory obligations in the markets we operate in" and has "provided consistent updates" to the Reserve Bank of India since 2018.
"While we are disappointed with the stance taken by the RBI in their communication dated July 14, we will continue to work with them to provide any additional details required to resolve their concerns."
Mastercard is, at least, not alone in having failed the Reserve Bank’s test – American Express and Diners Club copped a similar notice in April 2021. However The Register cannot find evidence that any local bank or payment system has found itself in trouble. ®