NEW DELHI: Mobile-first financial services firm Paytm on Monday said that in order to protect privacy and security of consumer data, it is critical that players invest in data localisation. The firm said that no payment system should be allowed to roll out services unless they comply with the regulations.
“Data localisation is critical for the security of India’s payment systems. Every payment system, app and payments platform must comply with the RBI regulation. No one should be allowed to commercially launch service unless their systems are clearly only and only in India,” said Kiran Vasireddy, COO, One97 Communications, which operates the Paytm brand.
Recently, the RBI has asked all payment system operators to ensure that data is stored only within the country and has also given the companies a deadline of October 15, 2018, to do the same.Vasireddy said that breach by other players have the potential to affect the entire ecosystem. “The payments network is interconnected and interoperable. Breach by any player who does not comply with the guidelines carries potential impact on all others who have done so,” he said.
When the data is processed and stored in multiple geographies, there’s a lack of clarity as to which country’s data laws will be applicable to it, he said. “The data is open to potential misuse as unregulated/third-parties might have access to India’s sensitive financial data. Replicating the data back to servers in India or encrypting the same is not a trusted solution,” he said.
The debate for data localisation has gained momentum since Facebook-owned Whatsapp, which was recently involved in a data leakage controversy, is readying for a commercial rollout of its payment services.